By Cim Stordal March 1, 2021
Welcome back to our Pwn2Own or Not2Pwn series about our Schneider Electric EcoStruxure Operator Terminal Expert exploit attempt. To catch you up: In part 1, we gave an overview of the full chain. In part 2, we detailed the initial code execution exploit, and in part 2.5, we offered an additional set of vulnerabilities that can be used for code execution. In this final entry in the series, we’ll detail how to escalate privileges into system-level privileges.