Hi @abs1813,
This can be done not by directly accessing a mentioned job in Orchestrator but by using the downloaded process nuget in the robot machine. A user not mentioned in Orchestrator but having admin privileges can run UiPath robot processes.
The AD user with admin rights to the robot machine can install a Robot instance of UiPath and access the already installed Process and run the process using Task Scheduler and UiRobot.exe.
That said, the probability of this happening is low as you can have a group-policy on the use of the VDI/Server/VM of the robot machine.
A simple script can run robot processes:
UiRobot.exe execute --file yourpackagefullpath.nupkg
I have more details on how to automate this here: .net robot launching question - Help / Robot - UiPath Community Forum
So if you are preparing a risk analysis document then I would suggest you have to consider this attack vector.
Risk reducing measures:
- Group-policy to avoid access to the Robot Machine
- The nuget location used can have a symbolic link to robot user that way the admin can see the folder but the contents are blocked to access
- Nuget folder location only accessible by Robot User/s
Hope this gives you some ideas.
ashokkarale
Anil_G
Yoichi
edevries
mateuszmacheta
naveen.s
Vijayan_Sathyagiri_EXTERN
furkan.cosan
HaticeKubraYilmaz
emmamartin11233