$Privilege Escalation via DLL Hijacking in C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe$

Privilege Escalation via DLL Hijacking in C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe

CVE-2023-37243 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.

Learn more about our User Device Pen Test.