Lucene search
JpcertVULNRICHMENT:CVE-2024-23847HistoryMay 31, 2024 - 6:11 a.m.
CVE-2024-23847
2024-05-3106:11:15
jpcert
github.com
unifier
unifier cast
default permissions
cve-2024-23847
vulnerability
arbitrary code
localsystem privilege
malicious program
data modification
Incorrect default permissions issue exists in Unifier and Unifier Cast Version.5.0 or later, and the patch “20240527” not applied. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be modified or deleted.
CNA Affected
[
{
"vendor": "Yokogawa Rental & Lease Corporation",
"product": "Unifier",
"versions": [
{
"version": "Version.5.0 or later",
"status": "affected"
},
{
"version": " and the patch \"20240527\" not applied",
"status": "affected"
}
]
},
{
"vendor": "Yokogawa Rental & Lease Corporation",
"product": "Unifier Cast ",
"versions": [
{
"version": "Version.5.0 or later",
"status": "affected"
},
{
"version": " and the patch \"20240527\" not applied",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2024-23847
2024-05-31 06:11:15
nvd
nvd
CVE-2024-23847
2024-05-31 06:15:10
cve
cve
CVE-2024-23847
2024-05-31 06:15:10
jvn
jvn
JVN#17680667: Multiple vulnerabilities in Unifier and Unifier Cast
2024-05-28 00:00:00
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for VULNRICHMENT:CVE-2024-23847