CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
9.0%
Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary file may be placed in the specific folder by a user who can log in to the PC where the product’s Windows client is installed. In case the file is a specially crafted DLL file, arbitrary code may be executed with SYSTEM privilege.
Vendor | Product | Version | CPE |
---|---|---|---|
sky_co.\,ltd. | skysea_client_view | * | cpe:2.3:a:sky_co.\,ltd.:skysea_client_view:*:*:*:*:*:*:*:* |
[
{
"vendor": "Sky Co.,LTD.",
"product": "SKYSEA Client View",
"versions": [
{
"version": "versions from Ver.16.100 prior to Ver.19.2",
"status": "affected"
}
]
}
]