The Container Manager Service accepts an access token provided
by the user without verification allowing an arbitrary process to
be created with another user identity leading to privilege
escalation.
Pensée du jour :
Ce que l'homme a fait ,
l'homme peut le défaire.
"No secure path in the world"