Home Forums spacedesk Discussions Vulnerabilities report on Nessus

Viewing 0 posts
  • Author
    Posts
  • #6555
    juniorloco
    Participant

    Vulnerabilities
    44676 – SMB Insecurely Configured Service-
    Synopsis
    At least one insecurely configured Windows service on the remote host is affected by a privilege escalation vulnerability.
    Description
    At least one insecurely configured Windows service was detected on the remote host. Unprivileged users can modify the properties of these affected services, allowing an unprivileged, local attacker to execute arbitrary code or commands as SYSTEM.

    Nessus checked if any of the following groups have permissions to modify executable files that are started by Windows services :

    – Everyone
    – Users
    – Domain Users
    – Authenticated Users
    See Also
    https://docs.microsoft.com/en-us/windows/desktop/Services/service-security-and-access-rights
    Solution
    Ensure the groups listed above do not have ChangeConf, WDac, or WOwn permissions. Refer to the Microsoft documentation for more information.
    Risk Factor
    High
    CVSS v3.0 Base Score
    7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
    CVSS v2.0 Base Score
    7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
    References
    XREF IAVT:0001-T-0753
    Plugin Information
    Published: 2010/02/22, Modified: 2022/02/02
    Plugin Output
    tcp/445/cifs

    The following service has insecure group permissions:

    spacedeskService (spacedeskService) :
    – Everyone: DC, WD, WO

Viewing 0 posts
  • You must be logged in to reply to this topic.