Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:25 a.m.8 views

CVE-2024-50590

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

7.8CVSS7AI score0.00189EPSS
Exploits0References1
OSV
OSV
added 2025/04/11 2:15 a.m.5 views

CVE-2025-0120

A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user can also...

7CVSS5.9AI score0.00141EPSS
Exploits0References1
NVD
NVD
added 2024/11/08 1:15 p.m.18 views

CVE-2024-50592

An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during the repair or update process. When using the repair function, the service queries the server for a lis...

7CVSS0.00176EPSS
Exploits0References3
CVE
CVE
added 2024/11/08 12:15 p.m.50 views

CVE-2024-50592

CVE-2024-50592 describes a local privilege escalation in HASOMED Elefant software, via a race condition in the Elefant Update Service during repair/update. An attacker with local access can exploit the window between copying vulnerable executables to a user-writable folder (C:\Elefant1) and the f...

7CVSS7AI score0.00176EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/08 12:15 p.m.23 views

CVE-2024-50592 Local Privilege Escalation via Race Condition

An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during the repair or update process. When using the repair function, the service queries the server for a lis...

0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/08 12:1 p.m.8 views

CVE-2024-50591 Local Privilege Escalation via Command Injection

An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update Service. The command injection can be exploited by communicating with the Elefant Update Service whi...

7.3AI score0.02005EPSS
Exploits0References2
CVE
CVE
added 2024/11/08 12:1 p.m.48 views

CVE-2024-50591

CVE-2024-50591 affects the Elefant Software Updater (ESU) on Windows. The vulnerability is a local privilege escalation via a command-injection flaw in the ESU service (running as NT AUTHORITY\SYSTEM) that can be triggered by sending a crafted MessageType.SupportServiceInfos message to the local ...

7.8CVSS7.7AI score0.02005EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/08 12:1 p.m.17 views

CVE-2024-50591 Local Privilege Escalation via Command Injection

An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update Service. The command injection can be exploited by communicating with the Elefant Update Service whi...

0.02005EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/08 11:45 a.m.11 views

CVE-2024-50590 Local Privilege Escalation via Weak Service Binary Permissions

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

6.8AI score0.00189EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/08 11:45 a.m.20 views

CVE-2024-50590 Local Privilege Escalation via Weak Service Binary Permissions

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

0.00189EPSS
Exploits0References2
OSV
OSV
added 2022/04/05 6:15 a.m.5 views

CVE-2022-25154

A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges. An attacker must already have user privileges on Windows 7, 10, or 11 to exploit this vulnerability...

7.3CVSS7.1AI score0.0023EPSS
Exploits0References1
Rows per page
Query Builder