Lucene search

[email protected]NVD:CVE-2024-41143

HistoryJul 29, 2024 - 9:15 a.m.

CVE-2024-41143

2024-07-2909:15:02

CWE-346

[email protected]

web.nvd.nist.gov

cve-2024-41143

skysea client view

origin validation error

arbitrary process execution

system privilege

windows client

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product’s Windows client is installed.

Affected configurations

Nvd

Node

skygroupskysea_client_viewRange3.013.00–19.210.04e

VendorProductVersionCPE
skygroupskysea_client_view*cpe:2.3:a:skygroup:skysea_client_view:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
skygroup	skysea_client_view	*	cpe:2.3:a:skygroup:skysea_client_view::::::::

References

jvn.jp/en/jp/JVN84326763/

www.skyseaclientview.net/news/240729_02/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

Related for NVD:CVE-2024-41143

cve1 cvelist1 vulnrichment1 jvn1