N-Able’s Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation

A high-severity security flaw has been disclosed in N-Able’s Take Control Agent that could be exploited by a local unprivileged attacker to gain SYSTEM privileges.

Tracked as CVE-2023-27470, the issue relates to a Time-of-Check to Time-of-Use race condition vulnerability, which, when successfully exploited, could be leveraged to delete arbitrary files on a Windows system.

According to the Google-owned threat intelligence firm, CVE-2023-27470 arises from a TOCTOU race condition in the Take Control Agent between logging multiple file deletion events and each delete action from a specific folder named “C:ProgramDataGetSupportService N-CentralPushUpdates.”

Even more troublingly, this arbitrary file deletion could be weaponized to secure an elevated Command Prompt by taking advantage of a race condition attack targeting the Windows installer’s rollback functionality, potentially leading to code execution.

“Arbitrary file deletion exploits are no longer limited to [denial-of-service attacks and can indeed serve as a means to achieve elevated code execution,” Oliveau said, adding such exploits can be combined with “MSI’s rollback functionality to introduce arbitrary files into the system.”

“A seemingly innocuous process of logging and deleting events within an insecure folder can enable an attacker to create pseudo-symlinks, deceiving privileged processes into running actions on unintended files.”

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

Tell us About your Needs
Get an Answer the Same Business Day

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project’s scope
  • You get an all-inclusive, no engagement proposal
This field is for validation purposes and should be left unchanged.


Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)



Everything You Need to Know

Gain confidence in your future cybersecurity assessments by learning to effectively plan, scope and execute projects.
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.