Описание
TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | Windows only |
| devel | not-affected | Windows only |
| esm-apps/bionic | not-affected | Windows only |
| esm-apps/focal | not-affected | Windows only |
| esm-apps/jammy | not-affected | Windows only |
| esm-apps/xenial | not-affected | Windows only |
| esm-infra-legacy/trusty | not-affected | Windows only |
| focal | not-affected | Windows only |
| jammy | not-affected | Windows only |
| kinetic | not-affected | Windows only |
Показывать по
EPSS
9 Critical
CVSS3
Связанные уязвимости
TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account.
TightVNC before v2.8.75 allows attackers to escalate privileges on the ...
TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account.
Уязвимость системы удалённого доступа к рабочему столу компьютера TightVNC, связанная с ошибками при управлении привилегиями, позволяющая нарушителю повысить свои привилегии
EPSS
9 Critical
CVSS3