Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions (Everyone: read and Everyone: write) for the install folder, which allows local users to gain privileges via a Trojan horse XeService.exe file.
- http://packetstormsecurity.com/files/132681/SAP-Afaria-XeService.exe-7.0.6398.0-Weak-File-Permissions.html
No PoCs found on GitHub currently.