216.73.217.98

CVE-2024-38456

· Published 03/09/2024 18:15 · Modified 03/09/2024 20:35

Labels: CVE-2024-38456 2024-09-03CVE-2024-38456CWE-732[email protected]

Essential information

Published
03/09/2024 18:15
Modified
03/09/2024 20:35
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References