{"uuid": "6b729e0e-90de-4a24-96fc-cb54869376c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16784", "type": "seen", "source": "https://t.me/arpsyndicate/2198", "content": "#ExploitObserverAlert\n\nCVE-2019-16784\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-16784. In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in \"onefile\" mode is launched by a privileged user (at least more than the current one) which have his \"TempPath\" resolving to a world writable directory. This is the case for example if the software is launched as a service or as a scheduled task using a system account (TempPath will be C:\\Windows\\Temp). In order to be exploitable the software has to be (re)started after the attacker launch the exploit program, so for a service launched at startup, a service restart is needed (e.g. after a crash or an upgrade).\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-28T05:38:02.000000Z"}