Exploits / Vulnerability Discovered : 2020-04-29 |
Type : local |
Platform : windows
This exploit / vulnerability Emeditor 19.8 insecure file permissions is for educational purposes only and if it is used you will do on your own risk!
EmEditor is a fast, lightweight, yet extensible, easy-to-use text editor for Windows.
Both native 64-bit and 32-bit builds are available, and moreover,
the 64-bit includes separate builds for SSE2 (128-bit), AVX-2 (256-bit),
and AVX-512 (512-bit) instruction sets.
Replace any *.exe files with any executable
malicious file you want then wait and get SYSTEM or Administrator rights (Privilege Escalation)
- Also you can use DLL Hijacking technique(emonig.dll,emregexp.dll,emtoast.dll..) ;D