Bzyo

Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a buffer overflow and execute arbitrary code via ROP chain gadgets.

**Name of the Vulnerable Software and Affected Versions** Iperius Backup version 6.1.0 **Description** A privilege escalation issue allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configure these jobs to run malicious batch files or programs before or after backup operations. These processes execute with the privileges of the Iperius Backup Service account, such as Local System or Administrator, leading to arbitrary code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rubo DICOM Viewer version 2.0 **Description** A buffer overflow exists in the DICOM server name input field. This flaw allows attackers to overwrite the Structured Exception Handler (SEH), which is a mechanism used to handle software errors. By creating a malicious text file with a specifically crafted payload, an attacker can trigger remote code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MedDream PACS Server version 6.8.3.751 **Description** The software contains an authenticated remote code execution issue allowing authorized users to upload malicious PHP files. An attacker can exploit the `/uploadImage.php` API endpoint by authenticating and uploading a PHP shell to execute arbitrary system commands with elevated privileges. **Recommendations** Update to a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: NSClient++ version 0.5.2.35 Description: A local privilege escalation issue exists when both the web interface and ExternalScripts features are enabled. The configuration file (nsclient.ini) stores the administrative password in plaintext and is readable by local users. An attacker can extract this password, authenticate to the NSClient++ web interface (typically accessible on port 8443), and abuse the ExternalScripts plugin to inject and execute arbitrary commands as SYSTEM. This can be done by registering a custom script, saving the configuration, and triggering it via the API. Recommendations: For NSClient++ version 0.5.2.35, consider disabling the ExternalScripts feature and restricting access to the web interface until a secure configuration or update is available. As a temporary workaround, restrict access to the nsclient.ini configuration file to prevent local users from reading the administrative password.

**Name of the Vulnerable Software and Affected Versions** NI LabVIEW Command Line Interface (CLI) (affected versions not specified) **Description** The issue is related to incorrect default permissions in the installation folder, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NI System Configuration Manager versions prior to 22.5 **Description** The issue is related to improper input validation, which may allow a privileged user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 22.5, update to version 22.5 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: National Instruments NI-PAL driver versions 20.0.0 and prior Description: The issue is related to improper input validation in the National Instruments NI-PAL driver, which may allow a privileged user to potentially enable escalation of privilege via local access. Recommendations: For versions 20.0.0 and prior, update to a version that includes proper input validation to prevent potential escalation of privilege. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** exacqVision Enterprise System Manager (ESM) versions 5.12.2 and prior **Description** A vulnerability in the exacqVision Enterprise System Manager (ESM) allows unauthorized privilege escalation. This issue impacts ESM running on a Windows operating system, where authorized users have 'modify' permission to the ESM folders. A low-privilege account can modify files in these directories, rename and replace an executable with a malicious file, and potentially achieve system-level privileges upon system restart. **Recommendations** For versions 5.12.2 and prior, consider restricting access to the ESM folders to prevent low-privilege accounts from modifying files, and avoid restarting the system until a fix is applied. As a temporary workaround, consider monitoring system restarts and executable files in the ESM directories for any malicious activity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PrinterOn Enterprise version 4.1.4 **Description** The issue allows for arbitrary file deletion. **Recommendations** For PrinterOn Enterprise version 4.1.4, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Synametrics SynaMan version 4.0 build 1488 **Description** The issue concerns the use of cleartext password storage for SMTP credentials. **Recommendations** For Synametrics SynaMan version 4.0 build 1488, consider updating the configuration to use secure password storage for SMTP credentials. As a temporary workaround, restrict access to the SMTP configuration to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Synametrics SynaMan version 4.0 build 1488 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities can be exploited via the `Main heading` or `Sub heading` fields in the Partial Branding configuration page. **Recommendations** For Synametrics SynaMan version 4.0 build 1488, consider restricting access to the Partial Branding configuration page until a fix is available. As a temporary workaround, avoid using the `Main heading` and `Sub heading` fields in the Partial Branding configuration page to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Geist WatchDog Console version 3.2.2 Description: A cross-site scripting (XSS) issue allows remote authenticated administrators to inject arbitrary web script or HTML via a server description. This could potentially lead to unauthorized access or control of the affected system. Recommendations: For Geist WatchDog Console version 3.2.2, consider restricting access to the server description field to prevent arbitrary web script or HTML injection until a patch is available.

Name of the Vulnerable Software and Affected Versions: Geist WatchDog Console version 3.2.2 Description: The issue concerns a weak Access Control List (ACL) used by the Geist WatchDog Console for the C:ProgramDataWatchDog Console directory. This weakness allows local users to modify configuration data. Specifically, users can update the `config.xml` or `servers.xml` files. Recommendations: For Geist WatchDog Console version 3.2.2, consider restricting access to the C:ProgramDataWatchDog Console directory to prevent local users from modifying the `config.xml` and `servers.xml` files until a proper fix is applied.

Name of the Vulnerable Software and Affected Versions: Geist WatchDog Console version 3.2.2 Description: The issue allows remote authenticated administrators to read arbitrary files by providing crafted XML data, exploiting an XML external entity (XXE) vulnerability. Recommendations: For Geist WatchDog Console version 3.2.2, consider restricting access to XML data processing until a patch is available. As a temporary workaround, limit the privileges of administrators to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.