| |
Podatność CVE-2024-36398
Publikacja: 2024-08-13
| Opis: |
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges. |
Typ:
CWE-250 (Execution with Unnecessary Privileges)
Referencje: |
https://cert-portal.siemens.com/productcert/html/ssa-784301.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English