Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-33873
HistoryNov 15, 2023 - 5:15 p.m.

CVE-2023-33873

2023-11-1517:15:41
CWE-250
[email protected]
web.nvd.nist.gov
privilege escalation
vulnerability
local user
os-authenticated
system privilege
complete compromise
target machine

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.2%

JSON

This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.

Affected configurations

NVD
Node
avevabatch_managementRange<2020
OR
avevabatch_managementMatch2020-
OR
avevabatch_managementMatch2020sp1
OR
avevacommunication_driversRange<2020
OR
avevacommunication_driversMatch2020-
OR
avevacommunication_driversMatch2020r2
OR
avevacommunication_driversMatch2020r2_p01
OR
avevaedgeRange20.1.101
OR
avevaenterprise_licensingRange3.7.002
OR
avevahistorianRange<2020
OR
avevahistorianMatch2020-
OR
avevahistorianMatch2020r2
OR
avevahistorianMatch2020r2_p01
OR
avevaintouchRange<2020
OR
avevaintouchMatch2020-
OR
avevaintouchMatch2020r2
OR
avevaintouchMatch2020r2_p01
OR
avevamanufacturing_execution_systemRange<2020
OR
avevamanufacturing_execution_systemMatch2020
OR
avevamanufacturing_execution_systemMatch2020p01
OR
avevamobile_operatorRange<2020
OR
avevamobile_operatorMatch2020
OR
avevamobile_operatorMatch2020-
OR
avevamobile_operatorMatch2020r1
OR
avevaplant_scadaRange<2020
OR
avevaplant_scadaMatch2020-
OR
avevaplant_scadaMatch2020r2
OR
avevarecipe_managementRange<2020
OR
avevarecipe_managementMatch2020-
OR
avevarecipe_managementMatch2020update_1_patch_2
OR
avevasystem_platformRange<2020
OR
avevasystem_platformMatch2020-
OR
avevasystem_platformMatch2020r2
OR
avevasystem_platformMatch2020r2_p01
OR
avevatelemetry_serverMatch2020r2-
OR
avevatelemetry_serverMatch2020r2sp1
OR
avevawork_tasksRange<2020
OR
avevawork_tasksMatch2020-
OR
avevawork_tasksMatch2020update_1
OR
avevawork_tasksMatch2020update_2

Related

prion 1
cve 1
cvelist 1
ics 1
prion
prion
Privilege escalation
2023-11-15 17:15:00
cve
cve
CVE-2023-33873
2023-11-15 17:15:41
cvelist
cvelist
CVE-2023-33873 AVEVA Operations Control Logger Execution with Unnecessary Privileges
2023-11-15 16:22:31
ics
ics
AVEVA Operations Control Logger
2023-11-14 12:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for NVD:CVE-2023-33873
prion1cve1cvelist1ics1