| Title | MECHREVO Control Console 1.0.2.70 Elevation Of Privilege |
|---|
| Description | The Mechanical Revolution Console service will load a non-existent DLL from the current directory with permission 'system', and it will start automatically. When GCUService. exe is run, it will search for csCAPI.dll in the current directory and load it onto the stack to run. However, cscapi.dll is not in the default GCUService. exe directory. You can place malicious csCAPi.dll in the GCUService. exe directory and exploit this vulnerability for privilege escalation. |
|---|
| Source | ⚠️ https://www.yuque.com/ba1ma0-an29k/nnxoap/bhd5ckqugggmpttp?singleDoc# 《MECHREVO Control Console Has Privilege Escalation Vulnerability》 |
|---|
| User | Ba1_Ma0 (UID 60252) |
|---|
| Submission | 04/22/2025 06:15 (12 months ago) |
|---|
| Moderation | 05/04/2025 20:28 (13 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 307376 [Mechrevo Control Console 1.0.2.70 GCUService csCAPI.dll uncontrolled search path] |
|---|
| Points | 20 |
|---|