Vivavis HIGH-LEIT 4 / 5 Privilege Escalation –

– Vivavis HIGH-LEIT versions 4 and 5 allow attackers to execute arbitrary code as local system on systems where the “HL-InstallService-hlxw” or “HL-InstallService-hlnt” Windows service is running. Authentication is necessary for successful exploitation. The execution of the exploit is trivial and might affect other systems if the applications folder is shared between multiple systems in which case the vulnerability can be used for lateral movement. – Read More  – Packet Storm