2 matches found
CVE-2023-53954
ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...
CVE-2023-53954
CVE-2023-53954 concerns ActFax 10.10, which has an unquoted service path in the ActiveFaxServiceNT service. According to multiple sources, attackers with write access to Program Files can inject a malicious ActSrvNT.exe and, when the service restarts, achieve elevated system access. The vulnerabi...