Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpersonatePrivilege privilege is a Windows permission that allows a process to impersonate another user. An attacker can use this vulnerability to escalate their privileges and take complete control of the system.
2025-04-01T04:15:37.727
2025-04-01T20:26:11.547
Awaiting Analysis
db4dfee8-a97e-4877-bfae-eba6d14a2166
-
-