PT-2023-29693 · Xmlsoft · Mlsoft Tco!Stream

Song Tae-Hyun

Publicado

2023-10-30

Atualizado

2023-11-08

CVE-2023-45799

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MLSoft TCO!stream versions 8.0.22.1115 and below

Description A vulnerability exists in MLSoft TCO!stream due to insufficient permission validation, allowing an attacker to make the victim download and execute arbitrary files.

Recommendations For MLSoft TCO!stream versions 8.0.22.1115 and below, update to a version above 8.0.22.1115 to resolve the issue. As a temporary workaround, consider restricting access to sensitive features that may be exploited due to insufficient permission validation until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-494

Identificadores relacionados

CVE-2023-45799

Produtos afetados

Mlsoft Tco!Stream

PT-2023-29693 · Xmlsoft · Mlsoft Tco!Stream

CVE-2023-45799

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7