|
Naziv
|
Modification of Windows Service Configuration
|
|
Sažetak
|
An adversary exploits a weakness in access control to modify the execution parameters of a Windows service. Specifically, if the permissions for users and groups are not properly assigned and allow access to the registry keys used to store the configuration information for a service, then an adversary could change settings defining the path to the executable and cause a malicious binary to be executed.
|
|
Preduvjeti
|
The adversary must have the capability to write to the Windows Registry on the targeted system.
|
|
Rješenja
|
Ensure proper permissions are set for Registry hives to prevent users from modifying keys for system components that may lead to privilege escalation.
|
