CVE-2024-36302 – Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36302
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36303. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000298063 https://www.zerodayinitiative.com/advisories/ZDI-24-569 • CWE-346: Origin Validation Error •
CVE-2024-36358 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36358
A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000298151 https://www.zerodayinitiative.com/advisories/ZDI-24-575 •
CVE-2023-38042
https://notcve.org/view.php?id=CVE-2023-38042
A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US • CWE-250: Execution with Unnecessary Privileges •
CVE-2023-46810
https://notcve.org/view.php?id=CVE-2023-46810
A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024 •
CVE-2024-1867 – G DATA Total Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-1867
This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •