SKYSEA Client View hasta 16.001.01g DLL escalada de privilegios

artículoeditHistoryDiffjsonxmlCTI

Una vulnerabilidad fue encontrada en SKYSEA Client View hasta 16.001.01g y clasificada como crítica. Una función desconocida del componente DLL Handler es afectada por esta vulnerabilidad. No hay información respecto a posibles contramedidas. Se sugiere sustituir el producto con un equivalente.

Campo2021-01-13 14:012021-02-13 07:062021-02-13 07:09
vendorSKYSEASKYSEASKYSEA
nameClient ViewClient ViewClient View
version<=16.001.01g<=16.001.01g<=16.001.01g
componentDLL HandlerDLL HandlerDLL Handler
cwe426 (escalada de privilegios)426 (escalada de privilegios)426 (escalada de privilegios)
risk222
cvss3_vuldb_uiNNN
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
urlhttps://jvn.jp/en/jp/JVN69635538/index.htmlhttps://jvn.jp/en/jp/JVN69635538/index.htmlhttps://jvn.jp/en/jp/JVN69635538/index.html
confirm_urlhttps://www.skyseaclientview.net/news/210112_01/https://www.skyseaclientview.net/news/210112_01/https://www.skyseaclientview.net/news/210112_01/
cveCVE-2021-20616CVE-2021-20616CVE-2021-20616
date1610492400 (2021-01-13)1610492400 (2021-01-13)1610492400 (2021-01-13)
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_avAAA
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_sUUU
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
cvss2_vuldb_basescore4.94.94.9
cvss2_vuldb_tempscore4.94.94.9
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.55.55.5
cvss3_meta_basescore5.55.56.6
cvss3_meta_tempscore5.55.56.6
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned16081596001608159600
cve_nvd_summaryUntrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiR
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avL
cvss2_nvd_acM
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss2_nvd_basescore4.4
cvss3_nvd_basescore7.8

Do you want to use VulDB in your project?

Use the official API to access entries easily!