Vulnerability Details CVE-2019-12808
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References