Lucene search
HistoryApr 27, 2023 - 12:15 p.m.
CVE-2023-2331
cve-2023-2331
unquoted service path
42gears surelock
windows
vulnerability
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Unquoted service Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows application will allows to insert arbitrary code into the service.
This issue affects Surelock Windows : from 2.3.12 through 2.40.0.
Affected configurations
Node
42gearssurelockRange2.3.12β2.41.0windows
| CPE | Name | Operator | Version |
|---|---|---|---|
| 42gears:surelock | 42gears surelock | lt | 2.41.0 |
CNA Affected
[
{
"collectionURL": "https://mars.42gears.com/support/inout/surelockwinsetupv2.40.0.exe",
"defaultStatus": "unaffected",
"packageName": "SureLock Service (NixService.exe)",
"platforms": [
"Windows"
],
"product": "Surelock Windows ",
"vendor": "42Gears",
"versions": [
{
"lessThanOrEqual": "2.40.0",
"status": "affected",
"version": "2.3.12",
"versionType": "patch"
}
]
}
]Related
cvelist
cvelist
CVE-2023-2331 Bypassing hardening via Unquoted Service path vulnerability
2023-04-27 11:51:45
prion
prion
Path traversal
2023-04-27 12:15:00
nvd
nvd
CVE-2023-2331
2023-04-27 12:15:09
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2023-2331