CVE-2023-29187 - CERT CVE
ID CVE-2023-29187
Sažetak A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) - version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. A successful attack depends on various preconditions beyond the attackers control.
Reference
CVSS
Base: 6.7
Impact: 5.9
Exploitability:0.8
Pristup
VektorSloženostAutentikacija
LOCAL HIGH -
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 26-04-2023 - 18:44
Objavljeno 11-04-2023 - 04:16