Security News > 2020 > December > PoC Released for Unpatched Windows Vulnerability Present Since 2006
Details and a proof-of-concept exploit have been released for an unpatched privilege escalation vulnerability in Windows related to the PsExec administration tool.
According to Wells, the vulnerability is a local privilege escalation issue that can be exploited by a non-admin process to elevate privileges to SYSTEM when PsExec is executed remotely or locally on the targeted computer.
The security hole has been found to impact Windows versions between Windows XP and Windows 10, and PsExec versions between 2.2 and 1.7.2.
PsExec, which is part of the Windows Sysinternals utilities suite, allows users to execute processes on remote Windows systems without the need to install third-party software.
"Communication between the PsExec client and the remote PSEXESVC service takes place over named pipes. Specifically, the pipe named 'PSEXESVC' is responsible for parsing and executing the PsExec client's commands, such as 'which application to execute,' 'relevant command line data,' etc.," the researcher explained.
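Because the issue applies where PsExec is executed, defenders can scope exposure by finding hosts where the PSEXESVC pipe appears in pipe telemetry. The following is an added example, not code from the article or the researcher; it assumes Sysmon pipe events (Event ID 17 pipe created, 18 pipe connected) exported as JSON lines, and the sample events and host names are constructed.

```python
import json
from collections import defaultdict

PIPE_NAME = r"\PSEXESVC"  # the pipe named in the article, as Sysmon records it

# Constructed sample events (not real telemetry), one JSON object per line.
SAMPLE_LOG = r"""
{"EventID": 17, "Computer": "ws-014", "UtcTime": "2020-12-10 09:12:01", "PipeName": "\\PSEXESVC", "Image": "C:\\Windows\\PSEXESVC.exe"}
{"EventID": 18, "Computer": "ws-014", "UtcTime": "2020-12-10 09:12:02", "PipeName": "\\PSEXESVC", "Image": "System"}
{"EventID": 17, "Computer": "ws-014", "UtcTime": "2020-12-10 09:13:40", "PipeName": "\\lsass", "Image": "C:\\Windows\\System32\\lsass.exe"}
{"EventID": 18, "Computer": "srv-db02", "UtcTime": "2020-12-11 17:30:05", "PipeName": "\\psexesvc", "Image": "System"}
{"EventID": 17, "Computer": "srv-db02", "UtcTime": "2020-12-11 17:30:04", "PipeName": "\\PSEXESVC", "Image": "C:\\Windows\\PSEXESVC.exe"}
{"EventID": 1, "Computer": "srv-db02", "UtcTime": "2020-12-11 17:30:06", "Image": "C:\\Windows\\System32\\cmd.exe"}
{"EventID": 17, "Computer": "ws-0
"""

def psexec_pipe_activity(log_text):
    """Group PSEXESVC pipe events per host: who created it, who connected, first sighting."""
    hosts = defaultdict(lambda: {"creators": set(), "clients": set(), "first_seen": None})
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if not isinstance(ev, dict) or ev.get("EventID") not in (17, 18):
            continue  # only pipe-created / pipe-connected events are relevant
        if str(ev.get("PipeName", "")).lower() != PIPE_NAME.lower():
            continue  # pipe names are case-insensitive on Windows
        entry = hosts[ev.get("Computer", "unknown")]
        role = "creators" if ev["EventID"] == 17 else "clients"
        entry[role].add(ev.get("Image", "unknown"))
        ts = ev.get("UtcTime")  # "YYYY-MM-DD HH:MM:SS" sorts correctly as text
        if ts and (entry["first_seen"] is None or ts < entry["first_seen"]):
            entry["first_seen"] = ts
    return dict(hosts)

if __name__ == "__main__":
    for host, info in sorted(psexec_pipe_activity(SAMPLE_LOG).items()):
        print(host, info["first_seen"], sorted(info["creators"]), sorted(info["clients"]))
```

The per-host list of creating images gives a reviewer the process that opened the pipe on each machine, alongside the time PsExec was first seen there.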