4 matches found
CVE-2022-35257
UI Desktop for Windows ( Version 0.55.1.2 and earlier ) contains a local privilege escalation vulnerability that lets an attacker with local access execute arbitrary commands as SYSTEM. Root cause cited across sources is improper privilege management within UI Desktop. Affected versions include 0...
CVE-2023-28122
CVE-2023-28122 describes a local privilege escalation in UI Desktop for Windows versions 0.59.1.71 and earlier . An attacker with local access can submit arbitrary commands as SYSTEM . The vulnerability is addressed by upgrading to version 0.62.3 or later. The initial description notes the impact...
CVE-2023-28124
CVE-2023-28124 concerns UI Desktop for Windows (versions 0.59.1.71 and earlier). The flaw is improper use of symmetric encryption in configuration files, allowing users with access to those files to decrypt their content. The impact is confidentiality loss (config contents exposed). The issue is ...
CVE-2023-28123
UI Desktop for Windows versions 0.59.1.71 and earlier contains a permission misconfiguration that could allow a user to hijack VPN credentials during UID VPN startup. The issue is fixed in version 0.62.3 and later. Affected component: UI Desktop (Windows). Root cause: improper permission handling...