CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2024-7253 – NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7253
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within nxnode.exe. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. . • https://kb.nomachine.com/TR07V11184 https://www.zerodayinitiative.com/advisories/ZDI-24-1042 • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2023-39107
https://notcve.org/view.php?id=CVE-2023-39107
An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks. Una vulnerabilidad de sobrescritura arbitraria de archivos en NoMachine Free Edition y Enterprise Client para macOS antes de v8.8.1 permite a los atacantes sobrescribir archivos propiedad de root mediante el uso de hardlinks. • https://kb.nomachine.com/SU07U00247 https://kb.nomachine.com/TR07U10948 https://www.ns-echo.com/posts/nomachine_afo.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-48074
https://notcve.org/view.php?id=CVE-2022-48074
An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file. • https://kb.nomachine.com/SU11T00239 •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34043
https://notcve.org/view.php?id=CVE-2022-34043
Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code. Unos permisos incorrectos para la carpeta C:\ProgramData\NSinMachine\Ndesinstalación de Nomachine versión v7.9.2, permite a atacantes llevar a cabo un ataque de secuestro de DLL y ejecutar código arbitrario • https://github.com/ycdxsb/Vuln/tree/main/Nomachine-Incorrect-Folder-Permission • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-33436
https://notcve.org/view.php?id=CVE-2021-33436
NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM. NoMachine para Windows versiones anteriores a 6.15.1 y 7.5.2, sufre una escalada de privilegios local debido a una falta de carga segura de DLL. Esta vulnerabilidad permite a usuarios locales no privilegiado llevar a cabo el secuestro de DLL por medio de cualquier directorio con capacidad de escritura que aparezca en la ruta del sistema y, en última instancia, ejecutar código como NT AUTHORITY\SYSTEM • https://github.com/active-labs/Advisories/blob/master/2021/ACTIVE-2021-001.md https://knowledgebase.nomachine.com/SU05S00223 https://knowledgebase.nomachine.com/SU05S00224 https://knowledgebase.nomachine.com/TR05S10236 •