Lucene search
+L

38 matches found

vulnrichment
vulnrichment
added 2023/04/19 12:0 a.m.6 views

CVE-2023-28124

Improper usage of symmetric encryption in UI Desktop for Windows Version 0.59.1.71 and earlier could allow users with access to UI Desktop configuration files to decrypt their content.This vulnerability is fixed in Version 0.62.3 and later...

5.4AI score0.00081EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/04/19 12:0 a.m.9 views

PT-2023-21580 · Unknown · Ui Desktop For Windows

Name of the Vulnerable Software and Affected Versions: UI Desktop for Windows versions 0.59.1.71 and earlier Description: A local privilege escalation issue in UI Desktop for Windows allows a malicious actor with local access to a Windows device to submit arbitrary commands as SYSTEM. This issue ...

7.8CVSS7.7AI score0.00157EPSS
Exploits1References2
cve
cve
added 2023/04/19 12:0 a.m.55 views

CVE-2023-28124

CVE-2023-28124 concerns UI Desktop for Windows (versions 0.59.1.71 and earlier). The flaw is improper use of symmetric encryption in configuration files, allowing users with access to those files to decrypt their content. The impact is confidentiality loss (config contents exposed). The issue is ...

5.5CVSS5.4AI score0.00081EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/04/19 12:0 a.m.4 views

PT-2023-21581 · Unknown · Ui Desktop For Windows

Name of the Vulnerable Software and Affected Versions: UI Desktop for Windows versions 0.59.1.71 and earlier Description: A permission misconfiguration could allow a user to hijack VPN credentials while UID VPN is starting. Recommendations: For versions 0.59.1.71 and earlier, update to version...

5.5CVSS5.4AI score0.00163EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2023/04/19 12:0 a.m.9 views

CVE-2023-28122

A local privilege escalation LPE vulnerability in UI Desktop for Windows Version 0.59.1.71 and earlier allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later...

7.8AI score0.00157EPSS
Exploits1References1
cnnvd
cnnvd
added 2023/04/19 12:0 a.m.5 views

UI Desktop 加密问题漏洞

UI Desktop is a desktop management software from the UI community. A security vulnerability exists in UI Desktop versions prior to 0.62.3, which stems from the improper use of symmetric encryption, and can be exploited by an attacker to potentially gain access to configuration files and decrypt...

5.5CVSS5.7AI score0.00081EPSS
Exploits0References2
cve
cve
added 2023/04/19 12:0 a.m.56 views

CVE-2023-28122

CVE-2023-28122 describes a local privilege escalation in UI Desktop for Windows versions 0.59.1.71 and earlier . An attacker with local access can submit arbitrary commands as SYSTEM . The vulnerability is addressed by upgrading to version 0.62.3 or later. The initial description notes the impact...

7.8CVSS7.7AI score0.00157EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2023/04/19 12:0 a.m.33 views

CVE-2023-28123

A permission misconfiguration in UI Desktop for Windows Version 0.59.1.71 and earlier could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later...

5.6AI score0.00163EPSS
Exploits0References1
cvelist
cvelist
added 2023/04/19 12:0 a.m.35 views

CVE-2023-28122

A local privilege escalation LPE vulnerability in UI Desktop for Windows Version 0.59.1.71 and earlier allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later...

7.9AI score0.00157EPSS
Exploits1References1
cvelist
cvelist
added 2023/04/19 12:0 a.m.20 views

CVE-2023-28124

Improper usage of symmetric encryption in UI Desktop for Windows Version 0.59.1.71 and earlier could allow users with access to UI Desktop configuration files to decrypt their content.This vulnerability is fixed in Version 0.62.3 and later...

5.7AI score0.00081EPSS
Exploits0References1
cnvd
cnvd
added 2022/09/28 12:0 a.m.19 views

UI Desktop Local Elevation of Privilege Vulnerability

UI Desktop is a desktop management software for the UI community. A local elevation of privilege vulnerability exists in UI Desktop for Windows prior to version 0.55.3.17, which stems from improper privilege management in the application, and can be exploited by an attacker to locally access a...

7.8CVSS7.7AI score0.00171EPSS
Exploits0References1
osv
osv
added 2022/09/23 2:15 p.m.6 views

CVE-2022-35257

A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...

7.8CVSS5.9AI score0.00171EPSS
Exploits0References1
nvd
nvd
added 2022/09/23 2:15 p.m.15 views

CVE-2022-35257

A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...

7.8CVSS0.00171EPSS
Exploits0References1
prion
prion
added 2022/09/23 2:15 p.m.18 views

Privilege escalation

A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...

4.3CVSS7.7AI score0.00171EPSS
Exploits0References1Affected Software1
cve
cve
added 2022/09/23 1:37 p.m.56 views

CVE-2022-35257

UI Desktop for Windows ( Version 0.55.1.2 and earlier ) contains a local privilege escalation vulnerability that lets an attacker with local access execute arbitrary commands as SYSTEM. Root cause cited across sources is improper privilege management within UI Desktop. Affected versions include 0...

7.8CVSS7.8AI score0.00171EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2022/09/23 1:37 p.m.8 views

CVE-2022-35257

A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...

7.8AI score0.00171EPSS
Exploits0References1
cvelist
cvelist
added 2022/09/23 1:37 p.m.24 views

CVE-2022-35257

A local privilege escalation vulnerability in UI Desktop for Windows Version 0.55.1.2 and earlier allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM...

8AI score0.00171EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/09/23 12:0 a.m.6 views

UI Desktop 安全漏洞

UI Desktop is a desktop management software for the UI community. A local elevation of privilege vulnerability exists in UI Desktop for Windows prior to version 0.55.3.17, which stems from improper privilege management in the application, and can be exploited by an attacker to locally access a...

7.8CVSS7AI score0.00171EPSS
Exploits0References2
Rows per page
Query Builder