Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel v5.22). The flaw is a Time-of-Check Time-of-Use (TOCTOU) race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files without verifying whether the path is an NTFS reparse point. By exploiting this race condition, an attacker can replace the target directory with a junction pointing to a user-controlled path. This causes the SYSTEM-level process to drop binaries in a location fully controlled by the attacker, allowing arbitrary code execution with SYSTEM privileges. The vulnerability can be exploited by any standard user with only a single UAC confirmation, making it highly practical and dangerous in real-world environments.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SevenCs ORCA G2 安全漏洞
Vulnerability Description
SevenCs ORCA G2是德国SevenCs公司的一个电子海图系统。 SevenCs ORCA G2 2.0.1.35版本存在安全漏洞,该漏洞源于许可证管理逻辑中存在竞争条件,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A