4 matches found
CVE-2024-39755
creationtimestamp| type| source ---|---|--- 2024-10-03 19:07:32+00:00| seen| https://t.me/cvedetector/6903...
CVE-2024-39755
A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execute priviledged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-39755
Veertu Anka Build 1.42.0 is affected by a privilege-escalation in the node update flow. Cisco Talos details a TOCTOU-style vulnerability: a low-privilege user can place a malicious PKG named ank aAgent.pkg in /tmp, which gets overwritten when a Node join/update triggers the download and installat...
Veertu Anka Build node agent update privilege escalation vulnerability
Talos Vulnerability Report TALOS-2024-2060 Veertu Anka Build node agent update privilege escalation vulnerability October 3, 2024 CVE Number CVE-2024-39755 SUMMARY A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG fil...