exploitDog

CVE-2019-12176

Опубликовано: 03 июн. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Privilege escalation in the "HTC Account Service" and "ViveportDesktopService" in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges to SYSTEM via reconfiguration of either service.

Ссылки

https://community.viveport.com/
Vendor Advisory
https://huskersec.com/privilege-escalation-via-htc-viveport-desktop-c93471ff87c8
Third Party Advisory
https://community.viveport.com/
Vendor Advisory
https://huskersec.com/privilege-escalation-via-htc-viveport-desktop-c93471ff87c8
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:htc:viveport:*:*:*:*:*:*:*:*

Версия до 1.0.0.36 (исключая)

EPSS

Процентиль: 9%

0.00034

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-xj72-54ch-xhfx

CVSS3: 7.8

github

больше 3 лет назад

Privilege escalation in the "HTC Account Service" and "ViveportDesktopService" in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges to SYSTEM via reconfiguration of either service.

EPSS

Процентиль: 9%

0.00034

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-269