CVE-2024-7238 – VIPRE Advanced Security SBAMSvc Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7238
This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVE-2024-7241 – Panda Security Dome Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7241
This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVE-2024-42052
https://notcve.org/view.php?id=CVE-2024-42052
A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder. • https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/1.md https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/15813655496603-Splashtop-Streamer-version-v3-5-8-0-for-Windows-released •
CVE-2024-42051
https://notcve.org/view.php?id=CVE-2024-42051
A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg. • https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/3.md https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/20716875636763-Splashtop-Streamer-version-v3-6-2-0-for-Windows-released • CWE-1391: Use of Weak Credentials •
CVE-2024-42053
https://notcve.org/view.php?id=CVE-2024-42053
A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder. • https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/2.md https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/18223802896539-Splashtop-Streamer-version-v3-6-0-0-for-Windows-released • CWE-276: Incorrect Default Permissions •