CVE-2018-13101

Published: Jul 3, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a privilege escalation vulnerability in the WCF endpoint. The exposed methods allow read and write access to the Windows registry and control of services. These methods may be abused to achieve privilege escalation via execution of attacker controlled binaries.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/VerSprite/research/blob/master/advisories/VS-2018-026.md

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-13101

Description

Affected Products

References