HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
History

Tue, 03 Sep 2024 21:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-732
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Tue, 03 Sep 2024 20:30:00 +0000

Type Values Removed Values Added
References

Tue, 03 Sep 2024 18:00:00 +0000

Type Values Removed Values Added
Description HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-09-03T00:00:00

Updated: 2024-09-03T19:21:24.895Z

Reserved: 2024-06-16T00:00:00

Link: CVE-2024-38456

cve-icon Vulnrichment

Updated: 2024-09-03T18:03:24.618Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-09-03T18:15:08.260

Modified: 2024-11-21T09:25:55.710

Link: CVE-2024-38456

cve-icon Redhat

No data.