Posted by malvuln on Feb 24
Discovery / credits: Malvuln – malvuln.com (c) 2022
Contact: malvuln13 () gmail com
Vulnerability: Insecure Permissions
Description: The malware writes a PE file with insecure permissions under c
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the…