Lucene search

[email protected]CVE-2023-41775

HistorySep 08, 2023 - 8:15 a.m.

CVE-2023-41775

2023-09-0808:15:07

[email protected]

web.nvd.nist.gov

cve-2023-41775

vulnerability

access control

'direct' desktop app

macos

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Improper access control vulnerability in ‘direct’ Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. of the device where the product is installed without the user’s consent.

Affected configurations

Vulners

NVD

Node

l_is_b_corp.\'direct\'_desktop_app_for_macosMatch2.6.0

CPENameOperatorVersion
l-is-b:directl-is-b directle2.6.0

CPE	Name	Operator	Version
l-is-b:direct	l-is-b direct	le	2.6.0

CNA Affected

[
  {
    "vendor": "L is B Corp.",
    "product": "'direct' Desktop App for macOS",
    "versions": [
      {
        "version": "ver 2.6.0 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN42691027/

status.direct4b.com/2023/08/31/2023083101/

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-41775

jvn1 cvelist1 prion1 nvd1