Lucene search

IcscertCVELIST:CVE-2023-36853

HistoryJul 19, 2023 - 9:57 p.m.

CVE-2023-36853 Keysight Geolocation Server Exposed Dangerous Method or Function

2023-07-1921:57:57

CWE-749

icscert

www.cve.org

cve-2023-36853

keysight

geolocation

server

vulnerability

privileged attacker

local zip file

malicious script

dll

system privileges

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON

In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "N6845A Geolocation Server",
    "vendor": "Keysight Technologies",
    "versions": [
      {
        "lessThanOrEqual": "2.4.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-23-199-02

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON

Related for CVELIST:CVE-2023-36853