19 matches found
EUVD-2019-20154
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...
CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...
CVE-2019-25718
Affected product: Dräger Infinity Explorer C700. Vulnerability: privilege escalation allowing kiosk-mode escape to reach the underlying OS via a specific dialog interaction. Impact: attacker can break out of kiosk mode, gain OS control, and cause the Delta Family patient monitor display to show i...
PT-2026-45627
Name of the Vulnerable Software and Affected Versions Dräger Infinity Explorer C700 affected versions not specified Description A privilege escalation issue allows attackers to break out of kiosk mode—a restricted user interface that limits access to specific applications—and access the underlyin...
CVE-2023-51772
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
CVE-2023-48654
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the...
CVE-2023-48654
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the...
CVE-2023-51772
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
CVE-2023-51772
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
CVE-2023-51772
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
Default credentials
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the...
Design/Logic Flaw
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
CVE-2023-51772
CVE-2023-51772 affects One Identity Password Manager before 5.13.1. The vulnerability arises from the login screen’s Kiosk mode workflow, which launches a Chromium-based browser to reset Active Directory passwords. The root cause enables an attacker to escape the kiosk sandbox by navigating throu...
CVE-2023-51772
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
CVE-2023-48654
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the...
CVE-2023-48654
One Identity Password Manager before 5.13.1 is affected by a Kiosk Escape privilege escalation. The vulnerability allows an attacker to break out of the kiosk-embedded Chromium browser on the Windows login screen and launch cmd.exe as NT AUTHORITY\SYSTEM, enabling high-privilege access. The escap...
PT-2023-31890 · One Identity +2 · One Identity Password Manager +2
Name of the Vulnerable Software and Affected Versions: One Identity Password Manager versions prior to 5.13.1 Description: The issue allows Kiosk Escape, affecting the product's functionality to reset Active Directory passwords on the login screen of a Windows client. It launches a Chromium-based...
One Identity Password Manager Kiosk Escape Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Kiosk Escape Privilege Escalation product: One Identity Password Manager Secure Password Extension vulnerable version: 5.13.1 fixed version: 5.13.1 CVE number:...
PT-2023-30875 · One Identity +2 · One Identity Password Manager +2
Name of the Vulnerable Software and Affected Versions: One Identity Password Manager versions prior to 5.13.1 Description: The issue allows Kiosk Escape in One Identity Password Manager, which enables users to reset their Active Directory passwords on the login screen of a Windows client. It...