CVE-2019-12808 | ALTOOLS Update Service Local Privilege Escalation Vulnerability2019.08.13
o ESTSOFT released security update to address privilege escalation vulnerability in ALTOOLS Update service.
Permissions, Privileges, and Access Controls
o ALTOOLS update service contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges.
□ Affected Product
ALTOOLS Update service
18.1 and prior
o Update software over ALTOOLS Update service 19.1 version