CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42796
https://notcve.org/view.php?id=CVE-2023-42796
By exploring active session IDs, the vulnerability could potentially be leveraged to escalate privileges to the administrator role. • https://cert-portal.siemens.com/productcert/pdf/ssa-770890.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30527
https://notcve.org/view.php?id=CVE-2022-30527
The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. • https://cert-portal.siemens.com/productcert/html/ssa-160243.html https://cert-portal.siemens.com/productcert/pdf/ssa-160243.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31096
https://notcve.org/view.php?id=CVE-2023-31096
There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns. • https://cschwarz1.github.io/posts/0x04 https://www.broadcom.com • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43896
https://notcve.org/view.php?id=CVE-2023-43896
A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code. • http://macrium.com https://knowledgebase.macrium.com/display/KNOW80/CVE-2023-43896+Advisory https://northwave-cybersecurity.com/vulnerability-notice/macrium-reflect-driver-out-of-bounds-write • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-45248
https://notcve.org/view.php?id=CVE-2023-45248
Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-6052 • CWE-427: Uncontrolled Search Path Element •