## https://sploitus.com/exploit?id=8B6BEFB0-DF64-59A5-A4A6-986922828D1C
# Spacedesk_POC
## Vulnerability Description
A Local Privilege Escalation (LPE) vulnerability exists in spacedesk Driver Software. The vulnerability stems from an insecure Service ACL (Access Control List) configuration assigned to the 'spacedeskService'
### Affected Versions
msi Version:
## Mitigation
The vendor should follow the Principle of Least Privilege (PoLP) and restrict the Service ACL. Ensure that only Administrators or SYSTEM accounts have SERVICE_CHANGE_CONFIG or SERVICE_ALL_ACCESS permissions. Standard users should only have SERVICE_QUERY_CONFIG, SERVICE_QUERY_STATUS, and SERVICE_START/STOP rights if absolutely necessary.