CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7243 – Panda Security Dome Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7243
Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-1013 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7244 – Panda Security Dome VPN DLL Hijacking Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7244
Panda Security Dome VPN DLL Hijacking Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-1014 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7245 – Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7245
Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-1015 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-42052
https://notcve.org/view.php?id=CVE-2024-42052
A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder. • https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/1.md https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/15813655496603-Splashtop-Streamer-version-v3-5-8-0-for-Windows-released •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-42051
https://notcve.org/view.php?id=CVE-2024-42051
A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg. • https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/3.md https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/20716875636763-Splashtop-Streamer-version-v3-6-2-0-for-Windows-released • CWE-1391: Use of Weak Credentials •