2 matches found
CVE-2023-27362
3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2023-27362
CVE-2023-27362 (3CX) involves a vulnerability in 3CX where the OpenSSL configuration file is loaded from an unsecured location, enabling a local attacker who can run low-privilege code to escalate to SYSTEM and execute arbitrary code. The flaw is tied to the product’s OpenSSL configuration handli...