## https://sploitus.com/exploit?id=PACKETSTORM:177870
# Exploit Title: ASUS Control Center Express 01.06.15 - Unquoted Service Path Privilege Escalation  
# Date: 2024-04-02  
# Exploit Author: Alaa Kachouh  
# Vendor Homepage: https://www.asus.com/campaign/ASUS-Control-Center-Express/global/  
# Version: Up to 01.06.15  
# Tested on: Windows  
# CVE: CVE-2024-27673  
  
===================================================================  
ASUS Control Center Express version 01.06.15 and earlier contains an  
unquoted service path which allows attackers to escalate privileges to the  
SYSTEM level.  
Assuming attackers have write access to C:\, they can abuse the ASUS  
service "Apro console service" (apro_console.exe), which upon restarting  
will invoke C:\Program.exe with SYSTEM privileges.  
  
The binary path of the service itself isn't susceptible, but upon its  
initiation, the service will execute C:\Program.exe as SYSTEM.  
  
Service Name: AProConsoleService  
Binary impacted: apro_console.exe  
  
# If a malicious payload is placed in C:\ and the service is executed in  
any way, this can grant privileged access to the system and allow  
malicious activities to be performed.
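
For auditing, the path search behind this issue can be modelled offline. The following Python sketch is an added example, not code from the advisory or from ASUS: for an unquoted command line it lists the paths Windows would try before the intended executable (CreateProcess called without an application name), so those locations can be checked for planted files and writable parent directories. The sample command lines and function names are constructed for illustration, and the rule covers the general case, not only C:\Program.exe.

```python
import ntpath

# Constructed sample command lines (not taken from the advisory).
SAMPLES = [
    r'C:\Program Files (x86)\Example Vendor\Agent Svc\agent.exe -run',
    r'"C:\Program Files (x86)\Example Vendor\Agent Svc\agent.exe" -run',
    r'C:\Windows\System32\svchost.exe -k netsvcs',
]


def hijackable_candidates(command_line: str) -> list[str]:
    """Return the paths Windows would try before the intended image.

    Models CreateProcess without lpApplicationName: an unquoted command
    line is cut at each space and every prefix is tried as the executable,
    with ".exe" appended when the file name has no extension.
    Assumption: the intended image is the first prefix ending in ".exe".
    """
    cmd = command_line.strip()
    if cmd.startswith('"'):
        return []  # quoted image path: nothing ambiguous to search
    candidates = []
    tokens = cmd.split(' ')
    for i in range(1, len(tokens) + 1):
        prefix = ' '.join(tokens[:i])
        if prefix.lower().endswith('.exe'):
            break  # reached the intended executable, stop here
        name = ntpath.basename(prefix)
        candidates.append(prefix if '.' in name else prefix + '.exe')
    return candidates


def audit(command_lines):
    """Map each risky command line to the extra paths that need checking."""
    findings = {}
    for cmd in command_lines:
        extra = hijackable_candidates(cmd)
        if extra:
            findings[cmd] = extra
    return findings


if __name__ == '__main__':
    for cmd, paths in audit(SAMPLES).items():
        print('UNQUOTED:', cmd)
        for p in paths:
            print('  check for unexpected file:', p)
```

Feed it service ImagePath values as well as child-process command lines from process-creation logs, since this advisory notes the service's own binary path is not the susceptible one.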