Japan Vulnerability NotesJVN:49068796JVN#49068796: Multiple MOTEX products vulnerable to privilege escalation
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.6%
LanScope Cat and LanScope An provided by MOTEX Inc. contain a privilege escalation vulnerability.
Impact
An user who can login to the PC where the vulnerable product is installed may obtain unauthorized privileges and execute arbitrary code.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- LanScope Cat prior to Ver.9.2.1.0
- LanScope Cat client program (MR)
- LanScope Cat detection agent (DA)
- LanScope Cat prior to Ver.9.2.2.0
- LanScope Cat server monitoring agent (SA, SAE)
- LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series)
- LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)
Related
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.6%