QwikSec

Security Database

CVE

CWE

Training

CVE-2013-10046

Published: Aug 1, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component, which exposes a named pipe that accepts unauthenticated commands. By exploiting a directory traversal weakness in the pipe protocol, an attacker can instruct the service to load a malicious DLL from a user-controlled location. The DLL is then executed in the context of the privileged service.

Vendor	Product	Versions
Agnitum Ltd.	Outpost Internet Security	affected `8.1`

Weaknesses (CWE)

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/local/agnitum_outpost_acs.rb

exploit

https://www.exploit-db.com/exploits/27282

exploit

https://www.exploit-db.com/exploits/28335

exploit

https://www.vulncheck.com/advisories/agnitum-outpost-internet-security-local-priv-esc

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.