CVE-2024-27275 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2024-27275
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285203 https://www.ibm.com/support/pages/node/7157637 • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVE-2024-37369 – Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
https://notcve.org/view.php?id=CVE-2024-37369
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system. Existe una vulnerabilidad de escalada de privilegios en el producto afectado. La vulnerabilidad permite a los usuarios con pocos privilegios editar scripts, eludir las listas de control de acceso y potencialmente obtener más acceso dentro del sistema. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-34012
https://notcve.org/view.php?id=CVE-2024-34012
Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-5758 • CWE-276: Incorrect Default Permissions •
CVE-2024-27165 – Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-27165
Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. • http://seclists.org/fulldisclosure/2024/Jul/1 https://jvn.jp/en/vu/JVNVU97136265/index.html https://www.toshibatec.com/information/20240531_01.html https://www.toshibatec.com/information/pdf/information20240531_01.pdf • CWE-272: Least Privilege Violation •
CVE-2024-27155 – Local Privilege Escalation and Remote Code Execution using insecure permissions
https://notcve.org/view.php?id=CVE-2024-27155
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. • http://seclists.org/fulldisclosure/2024/Jul/1 https://jvn.jp/en/vu/JVNVU97136265/index.html https://www.toshibatec.com/information/20240531_01.html https://www.toshibatec.com/information/pdf/information20240531_01.pdf • CWE-276: Incorrect Default Permissions •