Julian Horoszkiewicz

Name of the Vulnerable Software and Affected Versions: Brother driver installers for Windows (affected versions not specified) Description: The issue concerns a privilege escalation vulnerability in Brother driver installers for Windows. If exploited, an arbitrary program may be executed with administrative privilege. It is reported that a large number of device models are affected, with one source mentioning 1077 affected models. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions 9.7.1.110 and earlier MiVoice Business Solution Virtual Instance (MiVB SVI) version 1.0.0.25 Description: A vulnerability in the Desktop Client could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. This could enable an attacker to run arbitrary code with elevated privileges. The issue is related to insufficient access control, which may allow an attacker to bypass security restrictions, elevate privileges, and execute arbitrary code. Recommendations: For Mitel MiCollab versions 9.7.1.110 and earlier, update to a version later than 9.7.1.110 to resolve the issue. For MiVoice Business Solution Virtual Instance (MiVB SVI) version 1.0.0.25, update to a version later than 1.0.0.25 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Thales SafeNet Sentinel HASP LDK versions prior to 9.16 **Description** A flaw in the installer for Thales SafeNet Sentinel HASP LDK on Windows allows an attacker to escalate their privilege level via local access. **Recommendations** For versions prior to 9.16, update to version 9.16 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Thesycon Software Solutions Gmbh & Co. KG TUSBAudio versions prior to 5.68.0 **Description** An issue in TUSBAudio MSI-based installers allows a local attacker to execute arbitrary code via the msiexec.exe repair mode. This enables a local attacker to potentially escalate privileges. **Recommendations** For versions prior to 5.68.0, update to version 5.68.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the msiexec.exe repair mode until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Unity Parsec versions prior to 9 Parsec Loader versions prior to 9 **Description** The issue is a Time-of-check-to-time-of-use (TOCTOU) race condition that allows local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. **Recommendations** For Unity Parsec versions prior to 9, update to version 9 to resolve the issue. For Parsec Loader versions prior to 9, update to version 9 to resolve the issue. As a temporary workaround, consider restricting access to the user-owned directory where the DLLs are launched to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Gazie version 7.32 **Description** A security issue was found where the installation of Gazie does not properly secure its own file /setup/install/setup.php. This allows unauthorized access to the file, which can be exploited to include arbitrary PHP files using the `hidden req` POST parameter. **Recommendations** For Gazie version 7.32, consider removing or restricting access to the /setup/install/setup.php file to prevent unauthorized access and potential arbitrary PHP file inclusion. As a temporary workaround, restrict access to this file until a proper fix is available.

**Name of the Vulnerable Software and Affected Versions** HP ArcSight Logger versions prior to 6.0 P2 **Description** The issue allows remote attackers to obtain access via a brute-force approach due to the lack of limitation on attempts to authenticate to the SOAP interface. **Recommendations** For HP ArcSight Logger versions prior to 6.0 P2, update to version 6.0 P2 or later to resolve the issue. As a temporary workaround, consider restricting access to the SOAP interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CA Release Automation versions prior to 4.7.1 b448 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors. **Recommendations** For versions prior to 4.7.1 b448, update to version 4.7.1 b448 or later to resolve the issue.