Lucene search
JpcertVULNRICHMENT:CVE-2024-23847HistoryMay 31, 2024 - 6:11 a.m.
CVE-2024-23847
2024-05-3106:11:15
jpcert
github.com
3
unifier
unifier cast
default permissions
cve-2024-23847
vulnerability
arbitrary code
localsystem privilege
malicious program
data modification
AI Score
7.4
Confidence
High
EPSS
0
Percentile
9.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Incorrect default permissions issue exists in Unifier and Unifier Cast Version.5.0 or later, and the patch “20240527” not applied. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be modified or deleted.
CNA Affected
[
{
"vendor": "Yokogawa Rental & Lease Corporation",
"product": "Unifier",
"versions": [
{
"version": "Version.5.0 or later",
"status": "affected"
},
{
"version": " and the patch \"20240527\" not applied",
"status": "affected"
}
]
},
{
"vendor": "Yokogawa Rental & Lease Corporation",
"product": "Unifier Cast ",
"versions": [
{
"version": "Version.5.0 or later",
"status": "affected"
},
{
"version": " and the patch \"20240527\" not applied",
"status": "affected"
}
]
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:yokogawa_rental_lease_corporation:unifier:*:*:*:*:*:*:*:*"
],
"vendor": "yokogawa_rental_lease_corporation",
"product": "unifier",
"versions": [
{
"status": "affected",
"version": "5.0",
"lessThan": "5.10",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2024-23847
2024-05-31 06:11:15
nvd
nvd
CVE-2024-23847
2024-05-31 06:15:10
cve
cve
CVE-2024-23847
2024-05-31 06:15:10
jvn
jvn
JVN#17680667: Multiple vulnerabilities in Unifier and Unifier Cast
2024-05-28 00:00:00
AI Score
7.4
Confidence
High
EPSS
0
Percentile
9.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-23847