3 matches found
CVE-2025-15553
CVE-2025-15553 affects Truesec’s LAPSWebUI prior to version 2.4. The issue is a non-working logout function that can permit an attacker with workstation access to escalate privileges by disclosure of the local admin password. The vulnerability’s impact is described as privilege escalation with hi...
CVE-2025-15552
CVE-2025-15552 affects Truesec LAPSWebUI prior to version 2.4. The root cause is insufficient session expiration, which can allow a workstation-occupied attacker to escalate privileges by disclosure of the local admin password. The available connected sources corroborate a local-attack vector wit...
CVE-2025-15554
The CVE-2025-15554 issue affects Truesec’s LAPSWebUI prior to 2.4, where browser caching of LAPS passwords can enable local privilege escalation if an attacker has workstation access. The reports consistently describe the vulnerability as arising from how passwords are stored in the browser cache...