Local privilege escalation by file manipulation on all versions of Acer ListCheck.exe
Overview of ListCheck
ListCheck.exe is a Windows executable developed by Acer and distributed as part of Acer OEM system software related to upgrade or maintenance functionality. It is not a user-facing application, but rather a background component intended to be executed automatically by the operating system as part of Acer-provided system processes. The program is executed with elevated privileges and operates without user interaction. The software is no longer actively maintained by the vendor.
Vulnerability Description
A local privilege escalation vulnerability exists in ListCheck.exe developed by Acer. Due to insecure file permissions, the executable is writable by all users. An attacker can replace ListCheck.exe with a malicious executable of the same name.
ListCheck.exe is executed by a privileged system process. When the modified executable is subsequently executed, the attacker-controlled binary runs with elevated privileges, resulting in local privilege escalation.
The vulnerability affects ListCheck.exe version 4.0.0.1 and earlier. All known versions are vulnerable.
Impact:
Successful exploitation allows an authenticated local attacker to escalate privileges on the affected system, potentially leading to full system compromise.
Remediation:
ListCheck.exe is no longer maintained by the vendor and no security updates are available. The recommended solution is to remove the software from affected systems.
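To confirm the insecure file permissions described above on a given system before removing the software, the following PowerShell audit lists ACL entries that grant write-type rights to broad, low-privilege groups. It is an added example, not Acer's code or part of the original advisory; the function name `Get-WeakFileAce` is hypothetical, and the path is a placeholder because the advisory does not state where ListCheck.exe is installed.

```powershell
# Added example, not vendor code: list ACL entries that let broad,
# low-privilege groups modify or replace a file.

# Well-known SIDs, so the check does not depend on localized group names.
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Rights that permit changing the file's content, deleting it, or rewriting
# its ACL or owner, plus GENERIC_WRITE (0x40000000) and GENERIC_ALL
# (0x10000000), which can appear unmapped in raw ACEs.
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership' -bor 0x40000000 -bor 0x10000000

function Get-WeakFileAce {
    param([Parameter(Mandatory)][string]$LiteralPath)

    $acl = Get-Acl -LiteralPath $LiteralPath
    $sidType = [System.Security.Principal.SecurityIdentifier]
    # Explicit and inherited rules, with identities returned as SIDs.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        # Only Allow entries are reported; Deny entries are not evaluated here.
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $sid = $ace.IdentityReference.Value
        if (-not $BroadSids.ContainsKey($sid)) { continue }
        $hit = [int]$ace.FileSystemRights -band $WriteMask
        if ($hit -ne 0) {
            [pscustomobject]@{
                Path      = $LiteralPath
                Principal = $BroadSids[$sid]
                Rights    = '0x{0:X8}' -f $hit   # write-type bits granted
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Placeholder path: set this to the actual location of ListCheck.exe.
$Target = 'C:\PLACEHOLDER\ListCheck.exe'
if (Test-Path -LiteralPath $Target) {
    Get-WeakFileAce -LiteralPath $Target | Format-Table -AutoSize
}
```

Any row in the output means a non-administrative group can alter the file. Empty output only shows that none of the four listed groups holds an Allow entry with write-type rights on the file itself.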