Lucene search
+L

550 matches found

BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.8 views

The vulnerability of the MmMapIoSpace function in Ballistix MOD Utility software allows a hacker to increase their privileges.

The vulnerability of the MmMapIoSpace function in Ballistix MOD Utility software is related to access control deficiencies. Exploiting this vulnerability can allow attackers to elevate their privileges to “NT AUTHORITY\SYSTEM” by interacting with physical memory...

7.8CVSS7.4AI score0.0052EPSS
Exploits1References3Affected Software1
Metasploit
Metasploit
added 2024/11/21 6:54 p.m.284 views

Ivanti EPM Agent Portal Command Execution

This module leverages an unauthenticated RCE in Ivanti's EPM Agent Portal where a RPC client can invoke a method which will run an attacker-specified string on the remote target as NT AUTHORITY\SYSTEM. This vulnerability is present in versions prior to EPM 2021.1 Su4 and EPM 2022 Su2. Module...

9.8CVSS9.3AI score0.12904EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/11/21 12:0 a.m.360 views

Ivanti EPM Agent Portal Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/msnrtp/client' class MetasploitModule 'Ivanti EPM Agent Portal Command Execution', 'Description' = %q This module leverages an unauthenticated RCE in...

9.8CVSS7.4AI score0.12904EPSS
Exploits5
NVD
NVD
added 2024/11/15 10:15 p.m.44 views

CVE-2024-9500

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

7.8CVSS0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 9:24 p.m.75 views

CVE-2024-9500 Autodesk ADP Desktop SDK Privilege Escalation Vulnerability

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

7.8CVSS0.00189EPSS
Exploits0References1
CVE
CVE
added 2024/11/15 9:24 p.m.184 views

CVE-2024-9500

CVE-2024-9500 concerns Autodesk Installer. Multiple connected sources confirm a vulnerability where a malicious DLL placed in the installer’s temporary files/folders can escalate privileges to NT AUTHORITY/SYSTEM due to insecure privilege management. Affected component is the Autodesk Installer (...

7.8CVSS7.2AI score0.00189EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/15 9:24 p.m.26 views

CVE-2024-9500 Autodesk ADP Desktop SDK Privilege Escalation Vulnerability

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

7.8CVSS7.5AI score0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/15 3:21 p.m.17 views

CVE-2023-20036 Cisco Industrial Network Director Command Injection Vulnerability

A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input validation when uploading a Device Pack. An...

9.9CVSS8AI score0.1272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/08 12:15 p.m.15 views

CVE-2024-50592 Local Privilege Escalation via Race Condition

An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during the repair or update process. When using the repair function, the service queries the server for a lis...

7.1AI score0.00176EPSS
Exploits0References2
CVE
CVE
added 2024/11/08 12:15 p.m.51 views

CVE-2024-50592

CVE-2024-50592 describes a local privilege escalation in HASOMED Elefant software, via a race condition in the Elefant Update Service during repair/update. An attacker with local access can exploit the window between copying vulnerable executables to a user-writable folder (C:\Elefant1) and the f...

7CVSS7AI score0.00176EPSS
Exploits0References3
CVE
CVE
added 2024/11/08 12:1 p.m.50 views

CVE-2024-50591

CVE-2024-50591 affects the Elefant Software Updater (ESU) on Windows. The vulnerability is a local privilege escalation via a command-injection flaw in the ESU service (running as NT AUTHORITY\SYSTEM) that can be triggered by sending a crafted MessageType.SupportServiceInfos message to the local ...

7.8CVSS7.7AI score0.02005EPSS
Exploits0References3
CVE
CVE
added 2024/11/08 11:45 a.m.54 views

CVE-2024-50590

Elefant software (HASOMED Elefant) on Windows is affected by a local privilege escalation due to writable service binaries. The default install directory is C:\Elefant1, which is writable by all users, and the Elefant installer registers two Firebird database services running as NT AUTHORITY\SYST...

7.8CVSS7.6AI score0.00189EPSS
Exploits0References3
NVD
NVD
added 2024/11/08 9:15 a.m.18 views

CVE-2024-50588

An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the database includes patient data and login credentials among other sensitive data. In addition, this enabl...

9.8CVSS0.00676EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.5 views

PT-2024-34347 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Elefant versions prior to 1.4.2.1811 Description: An attacker with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITYSYSTEM" by exploiting a race condition in the Elefant Update Service...

7CVSS7.7AI score0.00176EPSS
Exploits0References8
OSV
OSV
added 2024/10/22 4:15 p.m.6 views

CVE-2022-23862

A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authentication and was running under the "NT Authority\System" user, an attacker is able to use the...

7.8CVSS6.1AI score0.00487EPSS
Exploits2References3
NVD
NVD
added 2024/10/09 5:15 p.m.29 views

CVE-2024-9473

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...

7.8CVSS0.00287EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/09 5:7 p.m.39 views

CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...

5.2CVSS0.00287EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/09 5:7 p.m.35 views

CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...

5.2CVSS7.2AI score0.00287EPSS
Exploits1References2
CVE
CVE
added 2024/10/09 5:7 p.m.112 views

CVE-2024-9473

CVE-2024-9473 affects the Palo Alto Networks GlobalProtect App on Windows. The issue is a local privilege escalation via the MSI repair functionality used during installation, allowing a locally authenticated non-admin user to elevate to NT AUTHORITY/SYSTEM. Affected versions are GlobalProtect Ap...

7.8CVSS7.9AI score0.00287EPSS
Exploits1References3Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2024/10/09 4:0 p.m.34 views

GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...

5.2CVSS8.1AI score0.00287EPSS
Exploits1References1
Rows per page
Query Builder