Start a new topic

Insecure Windows Service Permissions

Hi,

i am using seqrite EPS and we have PCI DSS certified network.

So we are using Nessus tool to scan our servers and workstations and whole network to identify vulnerabilities in our network and i found this..





Path : c:\program files\seqrite\seqrite\arwsrvc.exe
Used by services : arwsrvc
File write allowed for groups : Everyone
Full control of directory allowed for groups : Everyone

Path : c:\program files\seqrite\seqrite\emlproxy.exe
Used by services : Core Mail Protection
File write allowed for groups : Everyone
Full control of directory allowed for groups : Everyone

Path : c:\program files\seqrite\seqrite\opssvc.exe
Used by services : Online Protection System
File write allowed for groups : Ever


At least one improperly configured Windows service may have a privilege escalation vulnerability.


and solution is :-

Ensure the groups listed above do not have permissions to modify or write service executables. Additionally, ensure these groups do not have Full Control permission to any directories that contain service executables.


Kindly advise me how to fix this ??

Login or Signup to post a comment