HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
Metrics
Affected Vendors & Products
References
History
Tue, 03 Sep 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-732 | |
Metrics |
cvssV3_1
|
Tue, 03 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 03 Sep 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-03T00:00:00
Updated: 2024-09-03T19:21:24.895Z
Reserved: 2024-06-16T00:00:00
Link: CVE-2024-38456
Vulnrichment
Updated: 2024-09-03T18:03:24.618Z
NVD
Status : Awaiting Analysis
Published: 2024-09-03T18:15:08.260
Modified: 2024-11-21T09:25:55.710
Link: CVE-2024-38456
Redhat
No data.