CVE-2024-50592 – Local Privilege Escalation via Race Condition
https://notcve.org/view.php?id=CVE-2024-50592
An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during the repair or update process. • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2024-50591 – Local Privilege Escalation via Command Injection
https://notcve.org/view.php?id=CVE-2024-50591
An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update Service. ... A crafted message of type "MessageType.SupportServiceInfos" can be sent to the local ESU service to inject commands, which are then executed as "NT AUTHORITY\SYSTEM". Un atacante con acceso local al equipo del consultorio médico puede escalar sus privilegios de usuario de Windows a "NT AUTHORITY\SYSTEM" explotando una vulnerabilidad de inyección de comandos en el Servicio de actualización de Elefant. ... Se puede enviar un mensaje manipulado de tipo "MessageType.SupportServiceInfos" al servicio ESU local para inyectar comandos, que luego se ejecutan como "NT AUTHORITY\SYSTEM". • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-50590 – Local Privilege Escalation via Weak Service Binary Permissions
https://notcve.org/view.php?id=CVE-2024-50590
Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. ... This means that a local attacker can rename one of the service binaries, replace the service executable with a new executable, and then restart the system. ... Los atacantes con acceso local al equipo del consultorio médico pueden escalar sus privilegios de usuario de Windows a "NT AUTHORITY\SYSTEM" sobrescribiendo uno de los dos binarios de servicio de Elefant con permisos débiles. ... Esto significa que un atacante local puede cambiar el nombre de uno de los binarios de servicio, reemplazar el ejecutable de servicio con un nuevo ejecutable y luego reiniciar el sistema. • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-250: Execution with Unnecessary Privileges CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-25431
https://notcve.org/view.php?id=CVE-2024-25431
An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility function. • https://gist.github.com/haruki3hhh/bd228e6dcaf8c18140e1074964912b39 https://github.com/bytecodealliance/wasm-micro-runtime/issues/3122 https://github.com/bytecodealliance/wasm-micro-runtime/pull/3126 •
CVE-2024-40239
https://notcve.org/view.php?id=CVE-2024-40239
An incorrect access control issue in Life: Personal Diary, Journal android app 17.5.0 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function. • https://play.google.com/store/apps/details?id=com.hitbytes.minidiarynotes https://zzzxiin.github.io/post/life-personal-diary •