QND vulnerable to privilege escalation

Overview QND provided by QualitySoft Corporation contains the following vulnerability. Privilege Chaining CWE-268 - CVE-2025-64701 Tongren Chen of PwC Consulting LLC reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

JVN#57749899: The installer of e-Tax software(common program) vulnerable to privilege escalation

The installer of e-Tax softwarecommon program provided by National Tax Agency contains a vulnerability which allows uploading a malicious DLL to be executed with higher privileges than that of an general user by altering registry CWE-268. Impact A malicious DLL prepared by an attacker may be...

JVN#80476232: SR-7100VN vulnerable to privilege escalation

SR-7100VN provided by ICOM INCORPORATED contains a privilege escalation vulnerability CWE-268. Impact A user with an administrator privilege of the product may obtain administrative privileges of the OS Operating System. As a result, an arbitrary OS command may be executed by the user. Solution...

CVE-2022-26118

A privilege chaining vulnerability CWE-268 in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable...

Privilege escalation

A privilege chaining vulnerability CWE-268 in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable...

CVE-2022-26118

A privilege chaining vulnerability CWE-268 in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable...

CVE-2022-26118

CVE-2022-26118 describes a privilege escalation in Fortinet FortiManager and FortiAnalyzer. The issue involves incorrect permissions on certain folders and executable files, allowing a local, authenticated attacker with a restricted shell to escalate to root. Affected ranges include FortiManager ...

CVE-2022-26118

A privilege chaining vulnerability CWE-268 in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable...

FortiManager & FortiAnalyzer - Privilege escalation vulnerability

A privilege chaining vulnerability CWE-268 in FortiManager and FortiAnalyzer may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable files on the system...

JVN#25422698: SKYSEA Client View vulnerable to privilege escalation

SKYSEA Client View provided by Sky Co., LTD. is an Enterprise IT Asset Management Tool. SKYSEA Client View contains a privilege escalation vulnerability CWE-268. Impact A user who can login to the PC where the product is installed may obtain unauthorized privileges and modify/obtain sensitive...