36 matches found
CVE-2025-15552
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
CVE-2025-15553
Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
EUVD-2025-208695
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2025-15553
Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
CVE-2025-15552
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
CVE-2025-15554 Admin Passwords Cached by Browsers in Truesec LAPSWebUI
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2025-15554
The CVE-2025-15554 issue affects Truesec’s LAPSWebUI prior to 2.4, where browser caching of LAPS passwords can enable local privilege escalation if an attacker has workstation access. The reports consistently describe the vulnerability as arising from how passwords are stored in the browser cache...
CVE-2025-15554
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2025-15553 Insecure Logout Functionality in Truesec LAPSWebUI
Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
CVE-2025-15553 Insecure Logout Functionality in Truesec LAPSWebUI
Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
CVE-2025-15553
CVE-2025-15553 affects Truesec’s LAPSWebUI prior to version 2.4. The issue is a non-working logout function that can permit an attacker with workstation access to escalate privileges by disclosure of the local admin password. The vulnerability’s impact is described as privilege escalation with hi...
CVE-2025-15552
CVE-2025-15552 affects Truesec LAPSWebUI prior to version 2.4. The root cause is insufficient session expiration, which can allow a workstation-occupied attacker to escalate privileges by disclosure of the local admin password. The available connected sources corroborate a local-attack vector wit...
CVE-2025-15552 Long Session Lifetime in Truesec LAPSWebUI
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
CVE-2025-15552
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
CVE-2025-15552 Long Session Lifetime in Truesec LAPSWebUI
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
Truesec LAPSWebUI 安全漏洞
Truesec LAPSWebUI is a web-based management interface provided by the Swedish company Truesec. Versions of Truesec LAPSWebUI prior to version 2.4 contained security vulnerabilities. These vulnerabilities stemmed from a malfunctioning logout function, which could allow attackers to gain elevated...
PT-2026-25675
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...
Truesec LAPSWebUI 安全漏洞
Truesec LAPSWebUI is a web-based management interface provided by the Swedish company Truesec. Versions of Truesec LAPSWebUI prior to version 2.4 contained security vulnerabilities. These vulnerabilities were due to insufficient session expiration mechanisms, which could allow attackers to gain...
PT-2026-25677
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
PT-2026-25676
Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...