Lucene search
K

327 matches found

BDU FSTEC
BDU FSTEC
added 2024/04/12 12:0 a.m.6 views

The vulnerability of the software for updating Intel Driver & Support Assistant (DSA) stems from deficiencies in access control mechanisms, allowing attackers to trigger a service failure.

The vulnerability of the software for updating Intel Driver & Support Assistant DSA is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00184EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/22 12:0 a.m.5 views

The vulnerability of the device driver update application, Intel Driver and Support Assistant, related to access control deficiencies, allows a hacker to escalate their privileges.

The vulnerability of the Intel Driver and Support Assistant application for updating device drivers is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.3CVSS6.5AI score0.00181EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.3 views

PT-2024-1872 · Intel · Intel Driver & Support Assistant

Name of the Vulnerable Software and Affected Versions: Intel Driver & Support Assistant versions prior to 23.4.33 Description: The issue is related to improper access control in Intel Driver & Support Assistant software, which may allow an authenticated user to potentially enable escalation of...

8.8CVSS7.4AI score0.00199EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2023/12/25 7:15 a.m.2 views

CVE-2023-28872

Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport location...

8.8CVSS6AI score0.00774EPSS
Exploits1References2
OSV
OSV
added 2023/12/25 7:15 a.m.5 views

CVE-2023-28872

Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport location...

8.8CVSS5.8AI score0.00774EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/12/25 12:0 a.m.3 views

NCP Secure Enterprise Client Security Vulnerability

NCP Secure Enterprise Client is a VPN Virtual Private Network client application from NCP Germany. A security vulnerability exists in NCP Secure Enterprise Client versions prior to 13.10, which originates in Support Assistant that allows an attacker to execute DLL files with system privileges by...

8.8CVSS6.9AI score0.00774EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/12/25 12:0 a.m.14 views

CVE-2023-28872

Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport location...

7.1AI score0.00774EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/12/25 12:0 a.m.23 views

CVE-2023-28872

Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport location...

8.9AI score0.00774EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.6 views

The vulnerability of the DSA service in the Intel Driver & Support Assistant software allows a hacker to escalate their privileges and execute arbitrary code.

The vulnerability of the DSA service in the Intel Driver & Support Assistant software for updating drivers is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

7.8CVSS7.5AI score0.00246EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2023/12/13 12:0 a.m.29 views

(0Day) Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.5AI score0.00246EPSS
Exploits0
NVD
NVD
added 2023/12/09 7:15 a.m.30 views

CVE-2023-28868

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link...

8.1CVSS0.00852EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/12/09 7:15 a.m.3 views

CVE-2023-28870

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts...

6.5CVSS5.9AI score0.00701EPSS
Exploits1References2
OSV
OSV
added 2023/12/09 7:15 a.m.3 views

CVE-2023-28868

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link...

8.1CVSS5.9AI score0.00852EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/12/09 7:15 a.m.3 views

CVE-2023-28869

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link...

6.5CVSS6AI score0.00768EPSS
Exploits1References2
NVD
NVD
added 2023/12/09 7:15 a.m.15 views

CVE-2023-28870

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts...

6.5CVSS0.00701EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/12/09 7:15 a.m.4 views

CVE-2023-28868

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link...

8.1CVSS6AI score0.00852EPSS
Exploits1References2
OSV
OSV
added 2023/12/09 7:15 a.m.6 views

CVE-2023-28870

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts...

6.5CVSS5.8AI score0.00701EPSS
Exploits1References1
Prion
Prion
added 2023/12/09 7:15 a.m.17 views

Design/Logic Flaw

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry information of the operating system by creating a symbolic link...

4CVSS6.7AI score0.00594EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/12/09 7:15 a.m.12 views

Code injection

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link...

4CVSS7.1AI score0.00768EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/12/09 7:15 a.m.13 views

Code injection

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link...

5.5CVSS7.2AI score0.00852EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder