DeepSurface Security Advisory: Local Privilege Escalation in Octopus Deploy on Windows (CVE-2021-26556)
Octopus Deploy is a popular DevOps automation platform that enables teams to more efficiently manage configuration, API keys, and permissions. Octopus Server allows users to self-host this platform, and is installed as a service on the host. This service runs as Local System and is a very impactful target for local privilege escalation exploits.