Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentMitreVULNRICHMENT:CVE-2024-23773
HistoryApr 30, 2024 - 12:00 a.m.

CVE-2024-23773

2024-04-3000:00:00
mitre
github.com
1
quest kace agent
windows
arbitrary file delete
kschedulersvc.exe
local attackers
nt authority\system

AI Score

7

Confidence

Low

EPSS

0

Percentile

10.7%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:quest:kace_systems_management_appliance:*:*:*:*:*:*:*:*"
    ],
    "vendor": "quest",
    "product": "kace_systems_management_appliance",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "13.1.25",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "13.2.24",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

cve 1
cvelist 1
nvd 1
cve
cve
CVE-2024-23773
2024-04-30 14:15:15
cvelist
cvelist
CVE-2024-23773
2024-04-30 00:00:00
nvd
nvd
CVE-2024-23773
2024-04-30 14:15:15

AI Score

7

Confidence

Low

EPSS

0

Percentile

10.7%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2024-23773
cve1cvelist1nvd1