Vulnerabilities
44676 – SMB Insecurely Configured Service-
Synopsis
At least one insecurely configured Windows service on the remote host is affected by a privilege escalation vulnerability.
Description
At least one insecurely configured Windows service was detected on the remote host. Unprivileged users can modify the properties of these affected services, allowing an unprivileged, local attacker to execute arbitrary code or commands as SYSTEM.
Nessus checked if any of the following groups have permissions to modify executable files that are started by Windows services :
– Everyone
– Users
– Domain Users
– Authenticated Users
See Also
https://docs.microsoft.com/en-us/windows/desktop/Services/service-security-and-access-rights
Solution
Ensure the groups listed above do not have ChangeConf, WDac, or WOwn permissions. Refer to the Microsoft documentation for more information.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v2.0 Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
References
XREF IAVT:0001-T-0753
Plugin Information
Published: 2010/02/22, Modified: 2022/02/02
Plugin Output
tcp/445/cifs
The following service has insecure group permissions:
spacedeskService (spacedeskService) :
– Everyone: DC, WD, WO