CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25103 – Dynamic Link Library (DLL) Hijacking Vulnerability in CDAC AppSamvid Software
https://notcve.org/view.php?id=CVE-2024-25103
06 Mar 2024 — This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system. Esta vulnerabilidad existe en el software AppSamvid debido al uso de componentes vulnerables y obsoletos. Un atacante con privilegios administrativos locales podría apro... • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25102 – Information Disclosure Vulnerability in CDAC AppSamvid Software
https://notcve.org/view.php?id=CVE-2024-25102
06 Mar 2024 — This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system. Esta vulnerabilidad existe en el software AppSamvid debido al uso de un algoritmo criptográfico (hash) SHA1... • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081 • CWE-326: Inadequate Encryption Strength •