Share
## https://sploitus.com/exploit?id=8B6BEFB0-DF64-59A5-A4A6-986922828D1C
# Spacedesk_POC

## Vulnerability Description

A Local Privilege Escalation (LPE) vulnerability exists in spacedesk Driver Software. The vulnerability stems from an insecure Service ACL (Access Control List) configuration assigned to the 'spacedeskService' 

### Affected Versions

msi Version:

## Mitigation

The vendor should follow the Principle of Least Privilege (PoLP) and restrict the Service ACL. Ensure that only Administrators or SYSTEM accounts have SERVICE_CHANGE_CONFIG or SERVICE_ALL_ACCESS permissions. Standard users should only have SERVICE_QUERY_CONFIG, SERVICE_QUERY_STATUS, and SERVICE_START/STOP rights if absolutely necessary.