Crestron AirMedia 4.3.1.39 on Windows insecure inherited permissions

A vulnerability was found in Crestron AirMedia 4.3.1.39 on Windows and classified as critical. Affected by this issue is an unknown code block. Upgrading to version 5.5.1.84 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

122

Field

exploit_price_0day1
vulnerability_cvss3_meta_tempscore1
vulnerability_cvss3_meta_basescore1
vulnerability_cvss3_vuldb_tempscore1
vulnerability_cvss3_vuldb_basescore1

Commit Conf

90%30
50%10

Approve Conf

90%30
80%10
IDCommitedUserFieldChangeRemarksAcceptedReasonC
1302372809/23/2022VulD...price_0day$0-$5ksee exploit price documentation09/23/2022accepted
90
1302372709/23/2022VulD...cvss3_meta_tempscore8.4see CVSS documentation09/23/2022accepted
90
1302372609/23/2022VulD...cvss3_meta_basescore8.8see CVSS documentation09/23/2022accepted
90
1302372509/23/2022VulD...cvss3_vuldb_tempscore8.4see CVSS documentation09/23/2022accepted
90
1302372409/23/2022VulD...cvss3_vuldb_basescore8.8see CVSS documentation09/23/2022accepted
90
1302372309/23/2022VulD...cvss2_vuldb_tempscore7.8see CVSS documentation09/23/2022accepted
90
1302372209/23/2022VulD...cvss2_vuldb_basescore9.0see CVSS documentation09/23/2022accepted
90
1302372109/23/2022VulD...cvss3_vuldb_eXderived from historical data09/23/2022accepted
80
1302372009/23/2022VulD...cvss2_vuldb_eNDderived from historical data09/23/2022accepted
80
1302371909/23/2022VulD...cvss2_vuldb_auSderived from historical data09/23/2022accepted
80
1302371809/23/2022VulD...cvss2_vuldb_rlOFderived from vuldb v3 vector09/23/2022accepted
80
1302371709/23/2022VulD...cvss2_vuldb_rcCderived from vuldb v3 vector09/23/2022accepted
80
1302371609/23/2022VulD...cvss2_vuldb_aiCderived from vuldb v3 vector09/23/2022accepted
80
1302371509/23/2022VulD...cvss2_vuldb_iiCderived from vuldb v3 vector09/23/2022accepted
80
1302371409/23/2022VulD...cvss2_vuldb_ciCderived from vuldb v3 vector09/23/2022accepted
80
1302371309/23/2022VulD...cvss2_vuldb_acLderived from vuldb v3 vector09/23/2022accepted
80
1302371209/23/2022VulD...cvss2_vuldb_avNderived from vuldb v3 vector09/23/2022accepted
80
1302371109/23/2022VulD...date1663884000 (09/23/2022)09/23/2022accepted
90
1302371009/23/2022VulD...cve_nvd_summaryCrestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell.cve.org09/23/2022accepted
90
1302370909/23/2022VulD...cve_assigned1662588000 (09/08/2022)cve.org09/23/2022accepted
90

20 more entries are not shown

Do you know our Splunk app?

Download it now for free!