Описание
IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there is code execution from a configuration file that can be controlled by a low-privileged user. There is a race condition in which a temporary configuration file, in a world-writable directory, can be overwritten.
EPSS
Процентиль: 4%
0.00018
Низкий
8.1 High
CVSS3
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 8.1
github
9 месяцев назад
IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there is code execution from a configuration file that can be controlled by a low-privileged user. There is a race condition in which a temporary configuration file, in a world-writable directory, can be overwritten.
EPSS
Процентиль: 4%
0.00018
Низкий
8.1 High
CVSS3
Дефекты
CWE-732