exploitDog

CVE-2023-27010

Опубликовано: 13 мар. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.

Ссылки

https://cwe.mitre.org/data/definitions/250.html
Technical Description
https://packetstormsecurity.com/files/171301/Wondershare-Dr-Fone-12.9.6-Weak-Permissions-Privilege-Escalation.html
Third Party Advisory
VDB Entry
https://cwe.mitre.org/data/definitions/250.html
Technical Description
https://packetstormsecurity.com/files/171301/Wondershare-Dr-Fone-12.9.6-Weak-Permissions-Privilege-Escalation.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wondershare:dr.fone:12.9.6:*:*:*:*:windows:*:*

EPSS

Процентиль: 33%

0.00129

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-250

Связанные уязвимости

GHSA-4j9m-52h7-f59q

CVSS3: 7.8

github

почти 3 года назад

Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.

EPSS

Процентиль: 33%

0.00129

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-250