A local privilege escalation (LPE) vulnerability in UI Desktop for Windows (Version 0.59.1.71 and earlier) allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later.
References
Link | Resource |
---|---|
https://community.ui.com/releases/Security-Advisory-Bulletin-029-029/a47c68f2-1f3a-47c3-b577-eb70599644e4 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2023-04-19T00:00:00
Updated: 2023-04-19T00:00:00
Reserved: 2023-03-10T00:00:00
Link: CVE-2023-28122
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-04-19T20:15:12.143
Modified: 2023-05-01T20:25:55.953
Link: CVE-2023-28122
JSON object: View
Redhat Information
No data.
CWE