CVE-2013-10046 Information

Aug 02, 2025 cve

Description

A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component which exposes a named pipe that accepts unauthenticated commands. By exploiting a directory traversal weakness in the pipe protocol an attacker can instruct the service to load a malicious DLL from a user-controlled location. The DLL is then executed in the context of the privileged service.

Reference

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/local/agnitum_outpost_acs.rb https://www.exploit-db.com/exploits/27282 https://www.exploit-db.com/exploits/28335 https://www.vulncheck.com/advisories/agnitum-outpost-internet-security-local-priv-esc

CNNVD-202508-093 (Published: 2025-08-01)

Share on:

CVE-2013-10046 Information

Description

Reference

Related CNNVD