CVE-2024-50591
Severity CVSS v4.0:
Pending analysis
Type:
CWE-77
Command Injection
Publication date:
08/11/2024
Last modified:
08/11/2024
Description
An attacker with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update Service. The command injection can be exploited by communicating with the Elefant Update Service, which is running as "SYSTEM", via Windows Named Pipes.

The Elefant Software Updater (ESU) consists of two components: an ESU service, which runs as "NT AUTHORITY\SYSTEM", and an ESU tray client, which communicates with the service to update or repair the installation and runs with user permissions. The communication is implemented using named pipes. A crafted message of type "MessageType.SupportServiceInfos" can be sent to the local ESU service to inject commands, which are then executed as "NT AUTHORITY\SYSTEM".
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH