CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36488 – Intel Driver & Support Assistant Log Folder Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36488
This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01200.html • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-39709
https://notcve.org/view.php?id=CVE-2024-39709
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-37398
https://notcve.org/view.php?id=CVE-2024-37398
Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36513
https://notcve.org/view.php?id=CVE-2024-36513
A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts. • https://fortiguard.fortinet.com/psirt/FG-IR-24-144 • CWE-270: Privilege Context Switching Error •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51722 – Vulnerabilities in SecuSUITE Server Components Impact SecuSUITE
https://notcve.org/view.php?id=CVE-2024-51722
A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to potentially issue privileged script commands. • https://support.blackberry.com/pkb/s/article/140220 • CWE-250: Execution with Unnecessary Privileges •