CVE-2024-47045

Sažetak

Privilege chaining issue exists in the installer of e-Tax software(common program). If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege.

Reference

https://jvn.jp/en/jp/JVN57749899/
https://www.e-tax.nta.go.jp/topics/2024/topics_20240924_versionup.htm

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

26-09-2024 - 15:35

Objavljeno

26-09-2024 - 04:15