EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected service runs as NT AUTHORITY\SYSTEM.
Credits
Tobias Niemann, SEC Consult Vulnerability Lab
Daniel Hirschberger, SEC Consult Vulnerability Lab
