5 matches found
CVE-2018-18255
CVE-2018-18255 affects CapMon Access Manager 5.4.1.1005. The issue involves named-pipe communication between client applications and AccessManagerCoreService.exe, where a user can initiate interaction by creating a named pipe and sending commands to achieve elevated privileges. The CVE is documen...
CVE-2018-18256
CapMon Access Manager 5.4.1.1005 has a local privilege escalation: a regular user can obtain local administrator privileges by running any whitelisted application via the Custom App Launcher. The connected documents confirm the affected product/version and the impact (privilege escalation to admi...
CVE-2018-18253
CapMon Access Manager 5.4.1.1005 is affected. The issue centers on CALRunElevated.exe: it temporarily adds an unprivileged user to the local Administrators group to run a single command, but if the command crashes the user may remain in the Administrators group, and a race condition exists in all...
CVE-2018-18254
CVE-2018-18254 affects CapMon Access Manager 5.4.1.1005. An unprivileged user can read the CAL (Custom App Launcher) database table cal_whitelist, enabling potential privilege escalation by placing a Trojan horse program at an app pathname. Root cause is access to sensitive CAL data leading to el...
CVE-2018-18252
CVE-2018-18252 affects CapMon Access Manager 5.4.1.1005. The CALRunElevated.exe component allows an unprivileged user to obtain NT AUTHORITY\SYSTEM privileges via the --system option, constituting a local privilege escalation. The vulnerability is documented in NVD/CNVD records with CVSSv2/v3 bas...