The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 prior to 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrator, which allows local users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pearsonvue iqsystem 7 |
||
pearsonvue console 8 |