Lukas Krieg

**Name of the Vulnerable Software and Affected Versions** HIGH-LEIT versions 04.25.00.00 through 04.25.01.01 HIGH-LEIT version 05.08.01.03 **Description** The issue concerns an insecure file and folder permissions vulnerability in the `prunsrv.exe` file. This vulnerability can be exploited by a regular user to escalate privileges and execute arbitrary code in the context of NT AUTHORITYSYSTEM. **Recommendations** For HIGH-LEIT versions 04.25.00.00 through 04.25.01.01, consider restricting access to the `prunsrv.exe` file until a patch is available. For HIGH-LEIT version 05.08.01.03, consider restricting access to the `prunsrv.exe` file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.