CVE-2024-48990 – needrestart Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-48990
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. Qualys discovered that needrestart suffers from multiple local privilege escalation vulnerabilities that allow for root access from an unprivileged user. • https://github.com/liske/needrestart/commit/fcc9a4401392231bef4ef5ed026a0d7a275149ab https://www.cve.org/CVERecord?id=CVE-2024-48990 https://www.qualys.com/2024/11/19/needrestart/needrestart.txt • CWE-427: Uncontrolled Search Path Element •
CVE-2024-11003 – needrestart Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-11003
This could allow a local attacker to execute arbitrary shell commands. ... Qualys discovered that needrestart suffers from multiple local privilege escalation vulnerabilities that allow for root access from an unprivileged user. • https://github.com/liske/needrestart/commit/0f80a348883f72279a859ee655f58da34babefb0 https://www.cve.org/CVERecord?id=CVE-2024-10224 https://www.cve.org/CVERecord?id=CVE-2024-11003 https://www.qualys.com/2024/11/19/needrestart/needrestart.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2024-10224 – needrestart Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-10224
Qualys discovered that if unsanitized input was used with the library Module::ScanDeps, before version 1.36, a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or by passing arbitrary strings to eval(). Qualys discovered that needrestart suffers from multiple local privilege escalation vulnerabilities that allow for root access from an unprivileged user. • https://github.com/rschupp/Module-ScanDeps/security/advisories/GHSA-g597-359q-v529 https://www.cve.org/CVERecord?id=CVE-2024-10224 https://www.qualys.com/2024/11/19/needrestart/needrestart.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2024-42450
https://notcve.org/view.php?id=CVE-2024-42450
This combination allows an unauthenticated attacker to access and administer the database or read local filesystem contents to escalate privileges on the system. Exploitation Status: Versa Networks is not aware of any exploitation of this issue in production systems. A proof of concept exists in the lab environment. Workarounds or Mitigation: Starting with the latest 22.1.4 version of Versa Director, the software will automatically restrict access to the Postgres and HA ports to only the local and peer Versa Directors. • https://security-portal.versa-networks.com/emailbulletins/6735a300415abb89e9a8a9d3 • CWE-798: Use of Hard-coded Credentials •
CVE-2024-11075 – SICK Incoming Goods Suite privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-11075
A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) to escalate privileges to the administrative level, because Docker images from component vendors run with root permissions. • https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0005.json https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0005.pdf • CWE-250: Execution with Unnecessary Privileges •