Lucene search
JpcertVULNRICHMENT:CVE-2024-36246HistoryMay 31, 2024 - 6:11 a.m.
CVE-2024-36246
2024-05-3106:11:22
jpcert
github.com
2
cve
authorization
unifier
unifier cast
vulnerability
arbitrary code
localsystem privilege
exploited
malicious program
data modification
Missing authorization vulnerability exists in Unifier and Unifier Cast Version.5.0 or later, and the patch “20240527” not applied. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be modified or deleted.
CNA Affected
[
{
"vendor": "Yokogawa Rental & Lease Corporation",
"product": "Unifier",
"versions": [
{
"status": "affected",
"version": "Version.5.0 or later"
},
{
"status": "affected",
"version": " and the patch \"20240527\" not applied"
}
]
},
{
"vendor": "Yokogawa Rental & Lease Corporation",
"product": "Unifier Cast ",
"versions": [
{
"status": "affected",
"version": "Version.5.0 or later"
},
{
"status": "affected",
"version": " and the patch \"20240527\" not applied"
}
]
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:yokogawa_rental_lease_corporation:unifier:*:*:*:*:*:*:*:*"
],
"vendor": "yokogawa_rental_lease_corporation",
"product": "unifier",
"versions": [
{
"status": "affected",
"version": "5.0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:yokogawa_rental_lease_corporation:unifier_cast:*:*:*:*:*:*:*:*"
],
"vendor": "yokogawa_rental_lease_corporation",
"product": "unifier_cast",
"versions": [
{
"status": "affected",
"version": "5.0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-36246
2024-05-31 06:15:12
cve
cve
CVE-2024-36246
2024-05-31 06:15:12
cvelist
cvelist
CVE-2024-36246
2024-05-31 06:11:22
jvn
jvn
JVN#17680667: Multiple vulnerabilities in Unifier and Unifier Cast
2024-05-28 00:00:00
AI Score
7.3
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-36246