CWE-250
Execution with Unnecessary Privileges
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
CVE-2022-24113 (GCVE-0-2022-24113)
Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 19:57
VLAI
Title
Local privilege escalation due to excessive permissions assigned to child processes
Summary
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
Severity
No CVSS data available.
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security-advisory.acronis.com/advisories/… | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Acronis | Acronis Cyber Protect 15 |
Affected:
unspecified , < 28035
(custom)
|
|
| Acronis | Acronis Agent |
Affected:
unspecified , < 27147
(custom)
|
|
| Acronis | Acronis Cyber Protect Home Office |
Affected:
unspecified , < 39612
(custom)
|
|
| Acronis | Acronis True Image 2021 |
Affected:
unspecified , < 39287
(custom)
|
Date Public
2022-02-02 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-2881"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Acronis Cyber Protect 15",
"vendor": "Acronis",
"versions": [
{
"lessThan": "28035",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows"
],
"product": "Acronis Agent",
"vendor": "Acronis",
"versions": [
{
"lessThan": "27147",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows"
],
"product": "Acronis Cyber Protect Home Office",
"vendor": "Acronis",
"versions": [
{
"lessThan": "39612",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows"
],
"product": "Acronis True Image 2021",
"vendor": "Acronis",
"versions": [
{
"lessThan": "39287",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "@penrose (https://hackerone.com/penrose)"
}
],
"datePublic": "2022-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T22:29:30.000Z",
"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"shortName": "Acronis"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-2881"
}
],
"source": {
"advisory": "SEC-2881",
"defect": [
"SEC-2881"
],
"discovery": "EXTERNAL"
},
"title": "Local privilege escalation due to excessive permissions assigned to child processes",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@acronis.com",
"DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
"ID": "CVE-2022-24113",
"STATE": "PUBLIC",
"TITLE": "Local privilege escalation due to excessive permissions assigned to child processes"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acronis Cyber Protect 15",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "28035"
}
]
}
},
{
"product_name": "Acronis Agent",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "27147"
}
]
}
},
{
"product_name": "Acronis Cyber Protect Home Office",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "39612"
}
]
}
},
{
"product_name": "Acronis True Image 2021",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "39287"
}
]
}
}
]
},
"vendor_name": "Acronis"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "@penrose (https://hackerone.com/penrose)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-advisory.acronis.com/advisories/SEC-2881",
"refsource": "MISC",
"url": "https://security-advisory.acronis.com/advisories/SEC-2881"
}
]
},
"source": {
"advisory": "SEC-2881",
"defect": [
"SEC-2881"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"assignerShortName": "Acronis",
"cveId": "CVE-2022-24113",
"datePublished": "2022-02-04T22:29:30.215Z",
"dateReserved": "2022-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:57:01.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2634 (GCVE-0-2022-2634)
Vulnerability from cvelistv5 – Published: 2022-08-09 20:18 – Updated: 2025-04-16 16:13
VLAI
Title
Digi ConnectPort X2D
Summary
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.
Severity
10 (Critical)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Digi | ConnectPort X2D |
Affected:
All manufactured prior to 01/2020
|
Date Public
2022-08-04 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:46:03.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:53:46.897152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:13:37.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ConnectPort X2D",
"vendor": "Digi",
"versions": [
{
"status": "affected",
"version": "All manufactured prior to 01/2020"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Aar\u00f3n Flecha of S21sec reported this vulnerability to CISA."
}
],
"datePublic": "2022-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:18:31.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01"
}
],
"source": {
"advisory": "ICSA-22-216-01",
"discovery": "EXTERNAL"
},
"title": "Digi ConnectPort X2D",
"workarounds": [
{
"lang": "en",
"value": "Digi International indicated this vulnerability does not exist in ConnectPort gateways manufactured after January 2020. It is recommended to contact Digi International support for assistance with impacted devices manufactured prior to January 2020."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-08-04T17:00:00.000Z",
"ID": "CVE-2022-2634",
"STATE": "PUBLIC",
"TITLE": "Digi ConnectPort X2D"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ConnectPort X2D",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "manufactured prior to 01/2020"
}
]
}
}
]
},
"vendor_name": "Digi"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Aar\u00f3n Flecha of S21sec reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250 Execution with Unnecessary Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01"
}
]
},
"source": {
"advisory": "ICSA-22-216-01",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Digi International indicated this vulnerability does not exist in ConnectPort gateways manufactured after January 2020. It is recommended to contact Digi International support for assistance with impacted devices manufactured prior to January 2020."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-2634",
"datePublished": "2022-08-09T20:18:31.257Z",
"dateReserved": "2022-08-02T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:13:37.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27578 (GCVE-0-2022-27578)
Vulnerability from cvelistv5 – Published: 2022-04-11 19:37 – Updated: 2024-08-03 05:32
VLAI
Summary
An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content.
Severity
No CVSS data available.
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://sick.com/psirt | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | SICK Overall Equipment Effectiveness |
Affected:
version 0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sick.com/psirt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SICK Overall Equipment Effectiveness",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "version 0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:37:46.000Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sick.com/psirt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@sick.de",
"ID": "CVE-2022-27578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SICK Overall Equipment Effectiveness",
"version": {
"version_data": [
{
"version_value": "version 0.5.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sick.com/psirt",
"refsource": "MISC",
"url": "https://sick.com/psirt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2022-27578",
"datePublished": "2022-04-11T19:37:46.000Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2024-08-03T05:32:59.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30695 (GCVE-0-2022-30695)
Vulnerability from cvelistv5 – Published: 2022-05-16 17:19 – Updated: 2024-09-17 04:20
VLAI
Title
Local privilege escalation due to excessive permissions assigned to child processes
Summary
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640
Severity
No CVSS data available.
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security-advisory.acronis.com/advisories/… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Acronis | Acronis Snap Deploy |
Affected:
unspecified , < 3640
(custom)
|
Date Public
2022-05-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:56:13.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-3080"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Acronis Snap Deploy",
"vendor": "Acronis",
"versions": [
{
"lessThan": "3640",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:19:34.000Z",
"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"shortName": "Acronis"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-3080"
}
],
"source": {
"advisory": "SEC-3080",
"defect": [
"SEC-3080"
],
"discovery": "INTERNAL"
},
"title": "Local privilege escalation due to excessive permissions assigned to child processes",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@acronis.com",
"DATE_PUBLIC": "2022-05-13T00:00:00.000Z",
"ID": "CVE-2022-30695",
"STATE": "PUBLIC",
"TITLE": "Local privilege escalation due to excessive permissions assigned to child processes"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acronis Snap Deploy",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "3640"
}
]
}
}
]
},
"vendor_name": "Acronis"
}
]
}
},
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-advisory.acronis.com/advisories/SEC-3080",
"refsource": "MISC",
"url": "https://security-advisory.acronis.com/advisories/SEC-3080"
}
]
},
"source": {
"advisory": "SEC-3080",
"defect": [
"SEC-3080"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"assignerShortName": "Acronis",
"cveId": "CVE-2022-30695",
"datePublished": "2022-05-16T17:19:34.797Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:20:36.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3088 (GCVE-0-2022-3088)
Vulnerability from cvelistv5 – Published: 2022-11-22 00:00 – Updated: 2025-04-16 17:42
VLAI
Summary
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges.
Severity
7.8 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | UC-8100A-ME-T System Imaage |
Affected:
1.0 , ≤ 1.6
(custom)
|
|
| Moxa | UC-2100 System Image |
Affected:
1.0 , ≤ 1.12
(custom)
|
|
| Moxa | UC-2100-W System Image |
Affected:
1.0 , ≤ 1.12
(custom)
|
|
| Moxa | UC-3100 System Image |
Affected:
1.0 , ≤ 1.6
(custom)
|
|
| Moxa | UC-5100 System Image |
Affected:
1.0 , ≤ 1.4
(custom)
|
|
| Moxa | UC-8100 System Image |
Affected:
3.0 , ≤ 3.5
(custom)
|
|
| Moxa | UC-8100-ME-T System Image |
Affected:
3.0 , ≤ 3.1
(custom)
|
|
| Moxa | UC-8200 System Image |
Affected:
1.0 , ≤ 1.5
(custom)
|
|
| Moxa | AIG-300 System Image |
Affected:
1.0 , ≤ 1.4
(custom)
|
|
| Moxa | UC-8410A with Debian 9 System Image |
Affected:
4.0.2 and 4.1.2
|
|
| Moxa | UC-8580 with Debian 9 System Image |
Affected:
2.0 and 2.1
|
|
| Moxa | UC-8540 with Debian 9 System Image |
Affected:
2.0 and 2.1
|
|
| Moxa | DA-662C-16-LX (GLB) System Image |
Affected:
1.0.2 , ≤ 1.1.2
(custom)
|
Date Public
2022-11-22 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-05"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3088",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:25:51.797778Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:42:25.272Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "UC-8100A-ME-T System Imaage",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.6",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"product": "UC-2100 System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"product": "UC-2100-W System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"product": "UC-3100 System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.6",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"product": "UC-5100 System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"product": "UC-8100 System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.5",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
},
{
"product": "UC-8100-ME-T System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.1",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
},
{
"product": "UC-8200 System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"product": "AIG-300 System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"product": "UC-8410A with Debian 9 System Image",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "4.0.2 and 4.1.2"
}
]
},
{
"product": "UC-8580 with Debian 9 System Image",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "2.0 and 2.1"
}
]
},
{
"product": "UC-8540 with Debian 9 System Image",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "2.0 and 2.1"
}
]
},
{
"product": "DA-662C-16-LX (GLB) System Image",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.1.2",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "En Garde ICSRange research team reported this vulnerability to CISA. "
}
],
"datePublic": "2022-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12,\u0026nbsp;UC-3100 System Image: Versions v1.0 to v1.6,\u0026nbsp;UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa\u0027s ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-07T00:00:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-05"
}
],
"solutions": [
{
"lang": "en",
"value": "Moxa developed updates to address this vulnerability. Users should follow the instructions in Moxa\u0027s security advisory to update their system image. "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-3088",
"datePublished": "2022-11-22T00:00:00.000Z",
"dateReserved": "2022-09-01T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:42:25.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32535 (GCVE-0-2022-32535)
Vulnerability from cvelistv5 – Published: 2022-06-22 13:55 – Updated: 2024-08-03 07:46
VLAI
Title
Web server runs as root
Summary
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.
Severity
4.8 (Medium)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://psirt.bosch.com/security-advisories/BOSCH… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Bosch | PRA-ES8P2S |
Affected:
unspecified , ≤ 1.01.05
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-247052-BT.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PRA-ES8P2S",
"vendor": "Bosch",
"versions": [
{
"lessThanOrEqual": "1.01.05",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-22T13:55:55.000Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-247052-BT.html"
}
],
"source": {
"advisory": "BOSCH-SA-247052-BT",
"discovery": "INTERNAL"
},
"title": "Web server runs as root",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@bosch.com",
"ID": "CVE-2022-32535",
"STATE": "PUBLIC",
"TITLE": "Web server runs as root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PRA-ES8P2S",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.01.05"
}
]
}
}
]
},
"vendor_name": "Bosch"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250 Execution with Unnecessary Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/security-advisories/BOSCH-SA-247052-BT.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-247052-BT.html"
}
]
},
"source": {
"advisory": "BOSCH-SA-247052-BT",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2022-32535",
"datePublished": "2022-06-22T13:55:55.000Z",
"dateReserved": "2022-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T07:46:43.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34384 (GCVE-0-2022-34384)
Vulnerability from cvelistv5 – Published: 2023-02-10 20:03 – Updated: 2025-03-26 15:44
VLAI
Summary
Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation.
Severity
7.8 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/000204114 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | SupportAssist Client Consumer |
Affected:
0 , ≤ 3.11.1
(custom)
|
Date Public
2022-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:16.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000204114"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-24T14:37:50.380678Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T15:44:05.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SupportAssist Client Consumer",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "3.11.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cdiv\u003eDell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation.\u003c/div\u003e\u003c/div\u003e\n\n"
}
],
"value": "\nDell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation.\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-10T20:03:33.740Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/000204114"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2022-34384",
"datePublished": "2023-02-10T20:03:33.740Z",
"dateReserved": "2022-06-23T18:55:17.090Z",
"dateUpdated": "2025-03-26T15:44:05.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39286 (GCVE-0-2022-39286)
Vulnerability from cvelistv5 – Published: 2022-10-26 00:00 – Updated: 2025-04-23 16:43
VLAI
Title
Execution with Unnecessary Privileges in JupyterApp
Summary
Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this issue. There are no known workarounds.
Severity
8.8 (High)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://github.com/jupyter/jupyter_core/security/… | |
| https://github.com/jupyter/jupyter_core/commit/11… | |
| https://lists.debian.org/debian-lts-announce/2022… | mailing-list |
| https://security.gentoo.org/glsa/202301-04 | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://www.debian.org/security/2023/dsa-5422 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| jupyter | jupyter_core |
Affected:
< 4.11.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:00:43.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jupyter/jupyter_core/security/advisories/GHSA-m678-f26j-3hrp"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jupyter/jupyter_core/commit/1118c8ce01800cb689d51f655f5ccef19516e283"
},
{
"name": "[debian-lts-announce] 20221117 [SECURITY] [DLA 3195-1] jupyter-core security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00022.html"
},
{
"name": "GLSA-202301-04",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202301-04"
},
{
"name": "FEDORA-2023-de87bd076b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YIDN7JMLK6AOMBQI4QPSW4MBQGWQ5NIN/"
},
{
"name": "FEDORA-2023-d966145959",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KKMP5OXXIX2QAUNVNJZ5UEQFKDYYJVBA/"
},
{
"name": "DSA-5422",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5422"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:47:29.874045Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:43:15.864Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jupyter_core",
"vendor": "jupyter",
"versions": [
{
"status": "affected",
"version": "\u003c 4.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this issue. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-09T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/jupyter/jupyter_core/security/advisories/GHSA-m678-f26j-3hrp"
},
{
"url": "https://github.com/jupyter/jupyter_core/commit/1118c8ce01800cb689d51f655f5ccef19516e283"
},
{
"name": "[debian-lts-announce] 20221117 [SECURITY] [DLA 3195-1] jupyter-core security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00022.html"
},
{
"name": "GLSA-202301-04",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202301-04"
},
{
"name": "FEDORA-2023-de87bd076b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YIDN7JMLK6AOMBQI4QPSW4MBQGWQ5NIN/"
},
{
"name": "FEDORA-2023-d966145959",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KKMP5OXXIX2QAUNVNJZ5UEQFKDYYJVBA/"
},
{
"name": "DSA-5422",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5422"
}
],
"source": {
"advisory": "GHSA-m678-f26j-3hrp",
"discovery": "UNKNOWN"
},
"title": "Execution with Unnecessary Privileges in JupyterApp"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-39286",
"datePublished": "2022-10-26T00:00:00.000Z",
"dateReserved": "2022-09-02T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:43:15.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40182 (GCVE-0-2022-40182)
Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2024-08-03 12:14
VLAI
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). The device embedded Chromium-based browser is launched as root with the “--no-sandbox” option. Attackers can add arbitrary JavaScript code inside “Operation” graphics and successfully exploit any number of publicly known vulnerabilities against the version of the embedded Chromium-based browser.
Severity
No CVSS data available.
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Desigo PXM30-1 |
Affected:
All versions < V02.20.126.11-41
|
|
| Siemens | Desigo PXM30.E |
Affected:
All versions < V02.20.126.11-41
|
|
| Siemens | Desigo PXM40-1 |
Affected:
All versions < V02.20.126.11-41
|
|
| Siemens | Desigo PXM40.E |
Affected:
All versions < V02.20.126.11-41
|
|
| Siemens | Desigo PXM50-1 |
Affected:
All versions < V02.20.126.11-41
|
|
| Siemens | Desigo PXM50.E |
Affected:
All versions < V02.20.126.11-41
|
|
| Siemens | PXG3.W100-1 |
Affected:
All versions < V02.20.126.11-37
|
|
| Siemens | PXG3.W100-2 |
Affected:
All versions < V02.20.126.11-41
|
|
| Siemens | PXG3.W200-1 |
Affected:
All versions < V02.20.126.11-37
|
|
| Siemens | PXG3.W200-2 |
Affected:
All versions < V02.20.126.11-41
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:40.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). The device embedded Chromium-based browser is launched as root with the \u201c--no-sandbox\u201d option. Attackers can add arbitrary JavaScript code inside \u201cOperation\u201d graphics and successfully exploit any number of publicly known vulnerabilities against the version of the embedded Chromium-based browser."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40182",
"datePublished": "2022-10-11T00:00:00.000Z",
"dateReserved": "2022-09-08T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:14:40.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41290 (GCVE-0-2022-41290)
Vulnerability from cvelistv5 – Published: 2022-12-23 19:32 – Updated: 2025-04-10 18:43
VLAI
Title
IBM AIX privilege escalation
Summary
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690.
Severity
8.4 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/6847917 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:44.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6847917"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236690"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41290",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T18:42:33.483505Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T18:43:07.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AIX",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1, 7.2, 7.3, VIOS 3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690."
}
],
"value": "IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-23T19:32:42.839Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6847917"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/236690"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM AIX privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2022-41290",
"datePublished": "2022-12-23T19:32:42.839Z",
"dateReserved": "2022-09-21T17:43:55.393Z",
"dateUpdated": "2025-04-10T18:43:07.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
Mitigation ID: MIT-18
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.
Mitigation ID: MIT-18
Phase: Architecture and Design
Strategy: Attack Surface Reduction
Description:
- Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.
Mitigation
Phase: Implementation
Description:
- Perform extensive input validation for any privileged code that must be exposed to the user and reject anything that does not fit your strict requirements.
Mitigation ID: MIT-19
Phase: Implementation
Description:
- When dropping privileges, ensure that they have been dropped successfully to avoid CWE-273. As protection mechanisms in the environment get stronger, privilege-dropping calls may fail even if it seems like they would always succeed.
Mitigation
Phase: Implementation
Description:
- If circumstances force you to run with extra privileges, then determine the minimum access level necessary. First identify the different permissions that the software and its users will need to perform their actions, such as file read and write permissions, network socket permissions, and so forth. Then explicitly allow those actions while denying all else [REF-76]. Perform extensive input validation and canonicalization to minimize the chances of introducing a separate vulnerability. This mitigation is much more prone to error than dropping the privileges in the first place.
Mitigation ID: MIT-37
Phases: Operation, System Configuration
Strategy: Environment Hardening
Description:
- Ensure that the software runs properly under the United States Government Configuration Baseline (USGCB) [REF-199] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.
CAPEC-104: Cross Zone Scripting
An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.
CAPEC-470: Expanding Control over the Operating System from the Database
An attacker is able to leverage access gained to the database to read / write data to the file system, compromise the operating system, create a tunnel for accessing the host machine, and use this access to potentially attack other machines on the same network as the database machine. Traditionally SQL injections attacks are viewed as a way to gain unauthorized read access to the data stored in the database, modify the data in the database, delete the data, etc. However, almost every data base management system (DBMS) system includes facilities that if compromised allow an attacker complete access to the file system, operating system, and full access to the host running the database. The attacker can then use this privileged access to launch subsequent attacks. These facilities include dropping into a command shell, creating user defined functions that can call system level libraries present on the host machine, stored procedures, etc.
CAPEC-69: Target Programs with Elevated Privileges
This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.