Описание
Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.010.06 (включая) до 19.300.09h (исключая)
cpe:2.3:a:skygroup:skysea_client_view:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00107
Низкий
7.8 High
CVSS3
Дефекты
CWE-266
Связанные уязвимости
CVSS3: 7.8
github
больше 1 года назад
Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege.
EPSS
Процентиль: 29%
0.00107
Низкий
7.8 High
CVSS3
Дефекты
CWE-266