Lucene search
Piotr Bazydlo (@chudypb) of Trend Micro Zero Day InitiativeZDI-23-686HistoryMay 17, 2023 - 12:00 a.m.
Delta Electronics InfraSuite Device Master Incorrect Permission Assignment Local Privilege Escalation Vulnerability
2023-05-1700:00:00
Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
11
delta electronics
infrasuite
device master
vulnerability
local privilege escalation
incorrect folder permissions
arbitrary code execution
system context
0.001 Low
EPSS
Percentile
20.1%
This vulnerability allows local attackers to escalate privileges on affected installations of Delta Electronics InfraSuite Device Master. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the product installer. The product sets incorrect permissions on folders. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
cve
cve
CVE-2023-1135
2023-03-27 15:15:07
nvd
nvd
CVE-2023-1135
2023-03-27 15:15:07
cnvd
cnvd
Delta Electronics InfraSuite Device Master Licensing Issue Vulnerability
2023-03-29 00:00:00
prion
prion
Privilege escalation
2023-03-27 15:15:00
cvelist
cvelist
CVE-2023-1135
2023-03-27 14:59:57
ics
ics
Delta Electronics InfraSuite Device Master
2023-03-21 12:00:00