Vulnerability disclosure

Hi All,
It seems I was able to get a hold of a vulnerability in the Deploy-Application.exe binary that allows a normal user to escalate their rights to NT System (basically abusing the frequent deployment script to get code execution as the process owner).
My question is, what is the process of reporting bugs and vulnerabilities within this application and aquiring a CVE recognition.

Thanks for your valuable input.
Kind regards

You can report issues with PSADT here: Issues · PSAppDeployToolkit/PSAppDeployToolkit (github.com).

Use the option “Report a security vulnerability”.

2 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.