exploitDog

CVE-2023-28122

Опубликовано: 19 апр. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A local privilege escalation (LPE) vulnerability in UI Desktop for Windows (Version 0.59.1.71 and earlier) allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ui:desktop:*:*:*:*:*:windows:*:*

Версия до 0.62.3.0 (исключая)

EPSS

Процентиль: 20%

0.00065

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-269

Связанные уязвимости

GHSA-8vh6-crr8-5pf8

CVSS3: 7.8

github

почти 3 года назад

A local privilege escalation (LPE) vulnerability in UI Desktop for Windows (Version 0.59.1.71 and earlier) allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later.

EPSS

Процентиль: 20%

0.00065

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-269