TDM Digital Signage PC Player Elevation of Privileges Vulnerability

An elevation of privileges vulnerability has been identified in TDM Digital Signage PC Player version 4.1.0.4. This vulnerability allows authenticated users to modify executable files. By exploiting the 'Modify' permissions granted to the 'Authenticated Users' group, an attacker could replace legitimate executable files with malicious binaries, potentially leading to unauthorized system access.

Impact

Exploitation of this vulnerability could result in unauthorized modification of executable files, allowing for the replacement of legitimate applications with malicious ones. This could lead to elevated privileges and unauthorized access to system resources.

Reproduction

The vulnerability can be reproduced by an authenticated user who has the 'Modify' permission on executable files within the TDM Digital Signage application directory. Once authenticated, the user can replace existing executable files with malicious binaries of their choice.