Lucene search
K

97 matches found

Vulnrichment
Vulnrichment
added 2024/07/28 12:0 a.m.10 views

CVE-2024-42051

The MSI installer for Splashtop Streamer for Windows before 3.6.2.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg...

7.8CVSS7AI score0.00155EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/28 12:0 a.m.7 views

PT-2024-29711 · Splashtop · Splashtop Streamer

Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.6.2.0 Description: The MSI installer for Splashtop Streamer for Windows uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges...

7.8CVSS7.3AI score0.00155EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/07/28 12:0 a.m.14 views

CVE-2024-42053

The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder...

7.8CVSS0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/28 12:0 a.m.7 views

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.7.0.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...

7CVSS6.7AI score0.0014EPSS
Exploits0References3
CVE
CVE
added 2024/07/28 12:0 a.m.47 views

CVE-2024-42053

The CVE concerns Splashtop Streamer for Windows prior to version 3.6.0.0. The MSI installer creates a temporary folder with weak permissions, allowing a local attacker to place a malicious version.dll and escalate to SYSTEM during installation. Affected component: MSI installer for Windows; root ...

7.8CVSS7.2AI score0.00155EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/28 12:0 a.m.11 views

CVE-2024-42050

The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProviderInst.reg...

7CVSS7AI score0.0014EPSS
Exploits0References2
CVE
CVE
added 2024/07/28 12:0 a.m.71 views

CVE-2024-42052

The CVE-2024-42052 issue concerns the MSI installer for Splashtop Streamer for Windows prior to version 3.5.8.0. The installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by placing a wevtutil.exe file in that folder. A...

7.8CVSS7.2AI score0.00213EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/28 12:0 a.m.5 views

PT-2024-29713 · Splashtop · Splashtop Streamer

Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.6.0.0 Description: The issue concerns the MSI installer for Splashtop Streamer for Windows, which uses a temporary folder with weak permissions during installation. This weakness can be...

7.8CVSS7.3AI score0.00155EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/07/28 12:0 a.m.14 views

CVE-2024-42052

The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder...

7.8CVSS6.9AI score0.00213EPSS
Exploits0References2
CVE
CVE
added 2024/07/28 12:0 a.m.75 views

CVE-2024-42050

The CVE-2024-42050 entry concerns Splashtop Streamer for Windows. The vulnerability stems from the MSI installer creating a temporary folder with weak permissions during installation, enabling a local user to escalate privileges to SYSTEM by triggering an oplock on CredProvider_Inst.reg. Affected...

7CVSS7.2AI score0.0014EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/07/28 12:0 a.m.6 views

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.6.2.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...

7.8CVSS6.7AI score0.00155EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/28 12:0 a.m.6 views

PT-2024-29712 · Splashtop · Splashtop Streamer

Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.5.8.0 Description: The issue concerns the MSI installer for Splashtop Streamer for Windows, which uses a temporary folder with weak permissions during installation. A local user can exploit...

7.8CVSS7.3AI score0.00213EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2024/03/11 9:53 a.m.71 views

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitatio...

10CVSS10AI score0.99984EPSS
Exploits72
Malwarebytes
Malwarebytes
added 2024/02/22 4:8 p.m.24 views

Why ransomware gangs love using RMM tools—and how to stop them

One of the most alarming trends our ThreatDown Intelligence team has noticed lately is the increased exploitation of legitimate Remote Monitoring and Management RMM tools by ransomware gangs in their attacks. RMM software, such as AnyDesk, Atera, and Splashtop, are essential for IT administrators...

8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/13 4:38 p.m.30 views

Remote Monitoring & Management software used in phishing attacks

Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...

7.7AI score
Exploits0
NVD
NVD
added 2024/01/25 4:15 p.m.29 views

CVE-2023-3181

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

7.8CVSS7.7AI score0.00179EPSS
Exploits0References1
OSV
OSV
added 2024/01/25 4:15 p.m.4 views

CVE-2023-3181

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

7.8CVSS5.5AI score
Exploits0References1
Prion
Prion
added 2024/01/25 4:15 p.m.20 views

Design/Logic Flaw

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

4.3CVSS7.2AI score0.00179EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/25 3:22 p.m.6 views

CVE-2023-3181 Insecure Permissions in Splashtop Software Updater

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

7.8CVSS7.7AI score0.00179EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/25 3:22 p.m.29 views

CVE-2023-3181 Insecure Permissions in Splashtop Software Updater

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

7.8CVSS7.8AI score0.00179EPSS
Exploits0References1
Rows per page
Query Builder