CVE-2023-50702 Information

Description

Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users (and low-privileged users have write access to %PROGRAMDATA%\SSCService). Consequently low-privileged users can execute arbitrary code as LocalSystem.

Reference

https://www.youtube.com/watch?v=3dCoV33y1WY