Plex Media Server -- security vulnerability
Plex Security Team reports:
We have recently been made aware of a security vulnerability in Plex Media Server versions prior to 1.25.0 that could allow a local Windows user to obtain administrator privileges without authorization. To be clear, this required the user to already have local, physical access to the computer (just with a different user account on Windows). There are no indications that this exploit could be used from a remote machine.
Plex Media Server versions 188.8.131.5282 and newer are not subject to this vulnerability, and feature additional hardening to prevent similar issues from occurring in the future. Users running older server versions are encouraged to update their Plex Media Server installations.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright