Описание
Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.
EPSS
Процентиль: 2%
0.00013
Низкий
7.1 High
CVSS3
Дефекты
CWE-923
Связанные уязвимости
CVSS3: 7.1
github
8 месяцев назад
Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.
EPSS
Процентиль: 2%
0.00013
Низкий
7.1 High
CVSS3
Дефекты
CWE-923