Design/Logic Flaw

2022-09-1921:15:00

PRIOn knowledge base

www.prio-n.com

suprema biostar

vulnerability

privilege escalation

system administrator

put request

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.2%

JSON

A vulnerability in Suprema BioStar (aka Bio Star) 2 v2.8.16 allows attackers to escalate privileges to System Administrator via a crafted PUT request to the update profile page.

CPENameOperatorVersion
biostar_2eq2.8.16

CPE	Name	Operator	Version
	biostar_2	eq	2.8.16

References

nobugescapes.com/blog/privilege-escalation-from-user-operator-to-system-administrator/

nobugescapes.com/wp-content/uploads/2022/08/Part1.docx