Lucene search
42GearsCVELIST:CVE-2023-2331HistoryApr 27, 2023 - 11:51 a.m.
CVE-2023-2331 Bypassing hardening via Unquoted Service path vulnerability
2023-04-2711:51:45
CWE-428
42Gears
www.cve.org
1
cve-2023-2331
bypassing hardening
unquoted service path
42gears surelock
arbitrary code
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Unquoted service Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows application will allows to insert arbitrary code into the service.
This issue affects Surelock Windows : from 2.3.12 through 2.40.0.
CNA Affected
[
{
"collectionURL": "https://mars.42gears.com/support/inout/surelockwinsetupv2.40.0.exe",
"defaultStatus": "unaffected",
"packageName": "SureLock Service (NixService.exe)",
"platforms": [
"Windows"
],
"product": "Surelock Windows ",
"vendor": "42Gears",
"versions": [
{
"lessThanOrEqual": "2.40.0",
"status": "affected",
"version": "2.3.12",
"versionType": "patch"
}
]
}
]References
Related
cve
cve
CVE-2023-2331
2023-04-27 12:15:09
prion
prion
Path traversal
2023-04-27 12:15:00
nvd
nvd
CVE-2023-2331
2023-04-27 12:15:09
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2023-2331