Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
La gestión inadecuada de privilegios en Jungo WinDriver anterior a 12.2.0 permite a atacantes locales escalar privilegios y ejecutar código arbitrario.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
NVD-CWE-noinfo
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary |
en
CWE-94
en
CWE-269
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| jungo | windriver | * | <built-in method update of dict object at 0x7d1e64bed380> | Application |
| mitsubishielectric | cpu_module_logging_configuration_tool | * | <built-in method update of dict object at 0x7d1ebce41f40> | Application |
| mitsubishielectric | cw_configurator | * | <built-in method update of dict object at 0x7d1ebce31780> | Application |
| mitsubishielectric | data_transfer | * | <built-in method update of dict object at 0x7d1e64bed680> | Application |
| mitsubishielectric | data_transfer_classic | * | <built-in method update of dict object at 0x7d1e64bec800> | Application |
| mitsubishielectric | ezsocket | * | <built-in method update of dict object at 0x7d1ebce30c00> | Application |
| mitsubishielectric | fr_configurator_sw3 | * | <built-in method update of dict object at 0x7d1ebce415c0> | Application |
| mitsubishielectric | fr_configurator2 | * | <built-in method update of dict object at 0x7d1ebce420c0> | Application |
| mitsubishielectric | genesis64 | * | <built-in method update of dict object at 0x7d1ebce437c0> | Application |
| mitsubishielectric | gt_got1000 | * | <built-in method update of dict object at 0x7d1e64becd80> | Application |
| mitsubishielectric | gt_got2000 | * | <built-in method update of dict object at 0x7d1ebce40c00> | Application |
| mitsubishielectric | gt_softgot1000 | * | <built-in method update of dict object at 0x7d1ebce337c0> | Application |
| mitsubishielectric | gt_softgot2000 | * | <built-in method update of dict object at 0x7d1ebce42140> | Application |
| mitsubishielectric | gx_developer | * | <built-in method update of dict object at 0x7d1ebce41680> | Application |
| mitsubishielectric | gx_logviewer | * | <built-in method update of dict object at 0x7d1ebce41780> | Application |
| mitsubishielectric | gx_works2 | * | <built-in method update of dict object at 0x7d1ebce43900> | Application |
| mitsubishielectric | gx_works3 | * | <built-in method update of dict object at 0x7d1e5febf2c0> | Application |
| mitsubishielectric | iq_works | * | <built-in method update of dict object at 0x7d1ebce40300> | Application |
| mitsubishielectric | mi_configurator | * | <built-in method update of dict object at 0x7d1ebce41240> | Application |
| mitsubishielectric | mr_configurator | * | <built-in method update of dict object at 0x7d1e3571b880> | Application |
| mitsubishielectric | mr_configurator2 | * | <built-in method update of dict object at 0x7d1e64bed3c0> | Application |
| mitsubishielectric | mx_component | * | <built-in method update of dict object at 0x7d1ebce32dc0> | Application |
| mitsubishielectric | mx_opc_server_da\/ua | * | <built-in method update of dict object at 0x7d1ebce40040> | Application |
| mitsubishielectric | numerical_control_device_communication | * | <built-in method update of dict object at 0x7d1e5febf540> | Application |
| mitsubishielectric | px_developer\/monitor_tool | * | <built-in method update of dict object at 0x7d1eb4db9c00> | Application |
| mitsubishielectric | rt_toolbox3 | * | <built-in method update of dict object at 0x7d1ebce42f00> | Application |
| mitsubishielectric | rt_visualbox | * | <built-in method update of dict object at 0x7d1e35718180> | Application |
| mitsubishielectric | mrzjw3-mc2-utl_firmware | * | <built-in method update of dict object at 0x7d1ebce40640> | Operating System |
| mitsubishielectric | sw0dnc-mneth-b_firmware | * | <built-in method update of dict object at 0x7d1ea0cf5800> | Operating System |
| mitsubishielectric | sw1dnc-ccbd2-b_firmware | * | <built-in method update of dict object at 0x7d1e64bedd40> | Operating System |
| mitsubishielectric | sw1dnc-ccief-j_firmware | * | <built-in method update of dict object at 0x7d1ea0cf6180> | Operating System |
| mitsubishielectric | sw1dnc-ccief-b_firmware | * | <built-in method update of dict object at 0x7d1ea0cf7200> | Operating System |
| mitsubishielectric | sw1dnc-mnetg-b_firmware | * | <built-in method update of dict object at 0x7d1ea0cf7280> | Operating System |
| mitsubishielectric | sw1dnc-qsccf-b_firmware | * | <built-in method update of dict object at 0x7d1ea0cf7a00> | Operating System |
| mitsubishielectric | sw1dnd-emsdk-b_firmware | * | <built-in method update of dict object at 0x7d1ea0cf6bc0> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:mx_opc_server_da\/ua:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:px_developer\/monitor_tool:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:* |