Описание
Barron McCann X-Kryptor Driver BMS1446HRR (Xgntr BMS1351 Install BMS1472) in X-Kryptor Secure Client does not drop privileges when launching an Explorer window in response to a help command, which allows local users to gain LocalSystem privileges via interactive use of Explorer.
Ссылки
- Vendor Advisory
- URL Repurposed
- Vendor Advisory
- Vendor Advisory
- URL Repurposed
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:barron_mccann:install:bms1472:*:*:*:*:*:*:*
cpe:2.3:a:barron_mccann:x-kryptor_driver:bms1446hrr:*:*:*:*:*:*:*
cpe:2.3:a:barron_mccann:x-kryptor_secure_client:*:*:*:*:*:*:*:*
cpe:2.3:a:barron_mccann:xgntr:bms1351:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00073
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
Barron McCann X-Kryptor Driver BMS1446HRR (Xgntr BMS1351 Install BMS1472) in X-Kryptor Secure Client does not drop privileges when launching an Explorer window in response to a help command, which allows local users to gain LocalSystem privileges via interactive use of Explorer.
EPSS
Процентиль: 22%
0.00073
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264