BakBone NetVault NVStatsMngr.EXE Local Privilege Escalation Vulnerability

info
discussion
exploit
solution
references

BakBone NetVault NVStatsMngr.EXE Local Privilege Escalation Vulnerability

BakBone NetVault is affected by a local privilege escalation vulnerability. A local user can manipulate 'nvstatsmngr.exe' to escalate privileges to that of the LocalSystem account.

An attacker can exploit this vulnerability to gain SYSTEM level privileges on an affected computer.

NetVault versions prior to 7.1.2/3 and 7.3.1 are vulnerable.