32 matches found
eVisitorPass elevation of privilege vulnerability (CNVD-2019-08629)
Threshold eVisitorPass is a visitor management system from Threshold Canada. A power-up vulnerability exists in Threshold eVisitorPass version 1.5.5.2. A local attacker can exploit the vulnerability to launch a command window...
eVisitorPass Default Management Credentials Vulnerability
Threshold eVisitorPass is a visitor management system from Threshold Canada. A security vulnerability exists in Threshold eVisitorPass version 1.5.5.2 that stems from the program's use of default administrative credentials. A local attacker could exploit the vulnerability to gain full access to t...
CVE-2018-17493
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other...
CVE-2018-17497
eVisitorPass contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application...
CVE-2018-17496
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new processes on the...
CVE-2018-17496
CVE-2018-17496 affects the eVisitorPass kiosk application. The vulnerability stems from an error in kiosk mode that, when a user visits the kiosk and presses ctrl+shift+esc, allows opening the Task Manager to kill or launch processes, enabling local privilege escalation. The NVD description notes...
CVE-2018-17494
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu. By visiting the kiosk and pressing windows key twice, an attacker could exploit this vulnerability to close the program and launch other processes on the...
CVE-2018-17495
CVE-2018-17495 affects eVisitorPass (visitor management system). The vulnerability arises from an error in the Virtual Keyboard Help Dialog, enabling a local attacker to gain elevated privileges. By visiting the kiosk and removing the program from fullscreen, an attacker can use the terminal to l...
CVE-2018-17493
CVE-2018-17493 is an eVisitorPass vulnerability (kiosk mode) where an error with the Fullscreen button allows a local attacker to gain elevated privileges. By visiting the kiosk and clicking the fullscreen control, an attacker could close the application and launch other processes on the system. ...
CVE-2018-17494
CVE-2018-17494 describes a local privilege-escalation in the eVisitorPass kiosk system involving the Virtual Keyboard Start Menu. According to the description, when a user visits the kiosk and presses the Windows key twice, an error in the Virtual Keyboard Start Menu could enable a local attacker...
CVE-2018-17497
CVE-2018-17497 affects eVisitorPass. It reports default administrative credentials that could let a local attacker gain full access to the application. CVSSv3.0 base score 7.8 (HIGH) with LOCAL access, low attack complexity, no user interaction, and HIGH confidentiality, integrity, and availabili...
CVE-2018-17495
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to launch the command prom...