Weak Permissions in Polycom BToE Connector Allows Privilege Escalation via Trojan Horse File

Weak Permissions in Polycom BToE Connector Allows Privilege Escalation via Trojan Horse File

CVE-2015-8300 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file.

Learn more about our User Device Pen Test.