PT-2023-24963 · Unknown · Kioware For Windows

Hunter Gregal

Publicado

2023-06-19

Atualizado

2024-12-12

CVE-2023-34641

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions KioWare for Windows versions through 8.33

Description The issue is related to an incomplete blacklist filter for blocked dialog boxes on Windows 10. Attackers can exploit this by opening a file dialog box via the window.print() function, which can then be used to open an unprivileged command prompt.

Recommendations For versions through 8.33, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting the use of the window.print() function until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-34641

Produtos afetados

Kioware For Windows

PT-2023-24963 · Unknown · Kioware For Windows

CVE-2023-34641

Identificadores relacionados

Produtos afetados

Referências · 9