CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45205
https://notcve.org/view.php?id=CVE-2023-45205
This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to `NT AUTHORITY/SYSTEM`. ... Esto podría permitir que un atacante local autenticado inyecte código arbitrario y escale privilegios a "NT AUTHORITY/SYSTEM". • https://cert-portal.siemens.com/productcert/pdf/ssa-035466.pdf https://cert-portal.siemens.com/productcert/html/ssa-035466.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42796
https://notcve.org/view.php?id=CVE-2023-42796
By exploring active session IDs, the vulnerability could potentially be leveraged to escalate privileges to the administrator role. • https://cert-portal.siemens.com/productcert/pdf/ssa-770890.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30527
https://notcve.org/view.php?id=CVE-2022-30527
The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. ... Esto podría permitir que un atacante local autenticado inyecte código arbitrario y escale privilegios. • https://cert-portal.siemens.com/productcert/html/ssa-160243.html https://cert-portal.siemens.com/productcert/pdf/ssa-160243.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31096
https://notcve.org/view.php?id=CVE-2023-31096
There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). ... Hay una escalada de privilegios local al SYSTEM a través de un desbordamiento de pila en RTLCopyMemory (IOCTL 0x1b2150). • https://cschwarz1.github.io/posts/0x04 https://www.broadcom.com • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43896
https://notcve.org/view.php?id=CVE-2023-43896
A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code. • http://macrium.com https://knowledgebase.macrium.com/display/KNOW80/CVE-2023-43896+Advisory https://northwave-cybersecurity.com/vulnerability-notice/macrium-reflect-driver-out-of-bounds-write • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •