38 matches found
CVE-2023-28124
Improper usage of symmetric encryption in UI Desktop for Windows Version 0.59.1.71 and earlier could allow users with access to UI Desktop configuration files to decrypt their content.This vulnerability is fixed in Version 0.62.3 and later...
PT-2023-21580 · Unknown · Ui Desktop For Windows
Name of the Vulnerable Software and Affected Versions: UI Desktop for Windows versions 0.59.1.71 and earlier Description: A local privilege escalation issue in UI Desktop for Windows allows a malicious actor with local access to a Windows device to submit arbitrary commands as SYSTEM. This issue ...
CVE-2023-28124
CVE-2023-28124 concerns UI Desktop for Windows (versions 0.59.1.71 and earlier). The flaw is improper use of symmetric encryption in configuration files, allowing users with access to those files to decrypt their content. The impact is confidentiality loss (config contents exposed). The issue is ...
PT-2023-21581 · Unknown · Ui Desktop For Windows
Name of the Vulnerable Software and Affected Versions: UI Desktop for Windows versions 0.59.1.71 and earlier Description: A permission misconfiguration could allow a user to hijack VPN credentials while UID VPN is starting. Recommendations: For versions 0.59.1.71 and earlier, update to version...
CVE-2023-28122
A local privilege escalation LPE vulnerability in UI Desktop for Windows Version 0.59.1.71 and earlier allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later...
UI Desktop 加密问题漏洞
UI Desktop is a desktop management software from the UI community. A security vulnerability exists in UI Desktop versions prior to 0.62.3, which stems from the improper use of symmetric encryption, and can be exploited by an attacker to potentially gain access to configuration files and decrypt...
CVE-2023-28122
CVE-2023-28122 describes a local privilege escalation in UI Desktop for Windows versions 0.59.1.71 and earlier . An attacker with local access can submit arbitrary commands as SYSTEM . The vulnerability is addressed by upgrading to version 0.62.3 or later. The initial description notes the impact...
CVE-2023-28123
A permission misconfiguration in UI Desktop for Windows Version 0.59.1.71 and earlier could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later...
CVE-2023-28122
A local privilege escalation LPE vulnerability in UI Desktop for Windows Version 0.59.1.71 and earlier allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later...
CVE-2023-28124
Improper usage of symmetric encryption in UI Desktop for Windows Version 0.59.1.71 and earlier could allow users with access to UI Desktop configuration files to decrypt their content.This vulnerability is fixed in Version 0.62.3 and later...
UI Desktop Local Elevation of Privilege Vulnerability
UI Desktop is a desktop management software for the UI community. A local elevation of privilege vulnerability exists in UI Desktop for Windows prior to version 0.55.3.17, which stems from improper privilege management in the application, and can be exploited by an attacker to locally access a...
CVE-2022-35257
A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...
CVE-2022-35257
A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...
Privilege escalation
A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...
CVE-2022-35257
UI Desktop for Windows ( Version 0.55.1.2 and earlier ) contains a local privilege escalation vulnerability that lets an attacker with local access execute arbitrary commands as SYSTEM. Root cause cited across sources is improper privilege management within UI Desktop. Affected versions include 0...
CVE-2022-35257
A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...
CVE-2022-35257
A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...
UI Desktop 安全漏洞
UI Desktop is a desktop management software for the UI community. A local elevation of privilege vulnerability exists in UI Desktop for Windows prior to version 0.55.3.17, which stems from improper privilege management in the application, and can be exploited by an attacker to locally access a...