A privilege escalation vulnerability exists within the Qumu Multicast Extension v2 before 2.0.63 for Windows. When a standard user triggers a repair of the software, a pop-up window opens with SYSTEM privileges. Standard users may use this to gain arbitrary code execution as SYSTEM.
References
Link | Resource |
---|---|
https://hackandpwn.com/disclosures/CVE-2023-45883.pdf | Third Party Advisory |
https://www.vidyo.com/enterprise-video-management/qumu | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-10-19T00:00:00
Updated: 2023-10-19T12:52:00.893101
Reserved: 2023-10-15T00:00:00
Link: CVE-2023-45883
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-19T13:15:10.447
Modified: 2023-10-27T21:53:17.253
Link: CVE-2023-45883
JSON object: View
Redhat Information
No data.
CWE