CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2023-30799 – MikroTik RouterOS Administrator Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-30799
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. • https://github.com/MarginResearch/FOISted https://vulncheck.com/advisories/mikrotik-foisted • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34394 – Keysight N6845A Relative Path Traversal
https://notcve.org/view.php?id=CVE-2023-34394
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition. This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02 • CWE-23: Relative Path Traversal CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36853 – Keysight Geolocation Server Exposed Dangerous Method or Function
https://notcve.org/view.php?id=CVE-2023-36853
In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. ... This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02 • CWE-427: Uncontrolled Search Path Element CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-32155 – Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32155
Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. ... Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. ... This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. • https://www.zerodayinitiative.com/advisories/ZDI-23-971 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-30989 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-30989
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254017 https://www.ibm.com/support/pages/node/7012353 • CWE-269: Improper Privilege Management •