Acronis Cyber Protect/Backup Remote Code Execution

Fortinet FortiManager Unauthenticated Remote Code Execution

Asterisk AMI Originate Authenticated Remote Code Execution

Debian Security Advisory 5823-1

Debian Security Advisory 5815-2

On Microsoft Windows, the LsapGetClientInfo API in LSASRV will fallback and directly capture a caller's impersonation token if it fails to impersonate, leading to elevation of privilege if the impersonation level is not checked.

Headline

Windows LSA Service LsapGetClientInfo Impersonation Level Check Privilege Escalation

Packet Storm: Latest News