CVE-2019-13069

Name of the Vulnerable Software and Affected Versions extenua SilverSHielD versions 6.x

Description The issue allows for Local Privilege Escalation to SYSTEM. An attacker can exploit this by replacing SilverShield.config.sqlite with a modified version that includes an additional user account. The attacker must then use SSH and port forwarding to access a service on 127.0.0.1.

Recommendations For extenua SilverSHielD versions 6.x, consider restricting access to the ProgramData folder and the SilverShield.config.sqlite file to prevent unauthorized modifications. As a temporary workaround, restrict SSH access and port forwarding to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.