
Nulsect0R

#39363 of 53,635
7 CVSS total
Vulnerabilities · 1
PT-2019-13001
7.0
2019-08-20
Microsoft · Windows · CVE-2019-12889
**Name of the Vulnerable Software and Affected Versions**

SailPoint Desktop Password Reset version 7.2

**Description**

An unauthenticated privilege escalation issue exists, allowing a user with local access to the Windows logon screen to escalate their privileges to NT AUTHORITY\System. To exploit this, an attacker needs local access to the machine and must disconnect it from the local network/WAN, then connect it to an internet-facing access point/network. The attacker can then execute the password-reset functionality, exposing a web browser. By browsing to a site that calls local Windows system functions, such as file upload, the local file system is exposed, enabling the launch of a privileged command shell.

**Recommendations**

For SailPoint Desktop Password Reset version 7.2, as a temporary workaround, consider restricting local access to the Windows logon screen and limiting the ability to disconnect from and reconnect to different networks until a patch is available. Additionally, restrict access to the password-reset functionality to minimize the risk of exploitation.