CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29838
https://notcve.org/view.php?id=CVE-2023-29838
Insecure Permission vulnerability found in Botkind/Siber Systems SyncApp v.19.0.3.0 allows a local attacker toe escalate privileges via the SyncService.exe file. • https://github.com/IthacaLabs/Botkind/blob/main/Botkind_SyncApp/WeakServicePermissions_InsecureServiceExecutable_CVE-2023-29838.txt https://github.com/IthacaLabs/Botkind/tree/main/Botkind_SyncApp • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-31748 – MobileTrans 4.0.11 - Weak Service Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-31748
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file. • https://www.exploit-db.com/exploits/51479 http://mobiletrans.com https://packetstormsecurity.com/files/172466/MobileTrans-4.0.11-Weak-Service-Permissions.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33240
https://notcve.org/view.php?id=CVE-2023-33240
Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. • https://www.foxit.com/support/security-bulletins.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-4418
https://notcve.org/view.php?id=CVE-2022-4418
Local privilege escalation due to unrestricted loading of unsigned libraries. • https://security-advisory.acronis.com/advisories/SEC-4729 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-45452
https://notcve.org/view.php?id=CVE-2022-45452
Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-3967 • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •