**Name of the Vulnerable Software and Affected Versions** ESET security software (affected versions not specified) **Description** A time-of-check to time-of-use race condition could allow an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows SmartScreen (affected versions not specified) Description: A protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trend Micro Worry-Free Business Security Services (WFBSS) SaaS client version (affected versions not specified) **Description** The issue is related to an uncontrolled search path vulnerability in the WFBSS agent, which could allow an attacker with physical access to a machine to execute arbitrary code on affected installations. The attacker must have physical access to the target system to exploit this vulnerability, as they need to access a certain hardware component. This vulnerability only affects the SaaS client version of WFBSS, and it has been addressed in a previous monthly maintenance update. **Recommendations** For the Trend Micro Worry-Free Business Security Services (WFBSS) SaaS client version, ensure that the WFBSS agents are on the regular SaaS maintenance deployment schedule, as this issue was addressed in a previous update. No other customer action is required to mitigate this issue if the agents are up to date.

**Name of the Vulnerable Software and Affected Versions** Tenable Network Monitor versions prior to 6.5.1 **Description** The issue arises when Tenable Network Monitor is installed to a non-default location on a Windows host. In such cases, versions prior to 6.5.1 did not enforce secure permissions for sub-directories, potentially allowing for local privilege escalation if users had not secured the directories in the non-default installation location. **Recommendations** For versions prior to 6.5.1, update to version 6.5.1 or later to resolve the issue. As a temporary workaround, consider manually securing the sub-directories in the non-default installation location to prevent local privilege escalation.

Name of the Vulnerable Software and Affected Versions: Windows NTFS (affected versions not specified) Description: The issue is an out-of-bounds read in Windows NTFS, allowing an unauthorized attacker to elevate privileges locally. This could potentially lead to SYSTEM-level access risk. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability. However, it is recommended to apply the MS update KB5002695 to stay safe.

Name of the Vulnerable Software and Affected Versions: Windows NTFS (affected versions not specified) Description: The issue is an out-of-bounds read in Windows NTFS that allows an unauthorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows NTFS (affected versions not specified) Description: The issue is an out-of-bounds read in Windows NTFS that allows an unauthorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows NTFS (affected versions not specified) Description: The issue is an out-of-bounds read in Windows NTFS, allowing an unauthorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nessus Agent versions prior to 10.8.3 **Description** The issue arises when Nessus Agent is installed to a non-default location on a Windows host. In such cases, Nessus Agent did not enforce secure permissions for sub-directories, which could allow for local privilege escalation if users had not secured the directories in the non-default installation location. **Recommendations** For Nessus Agent versions prior to 10.8.3, update to version 10.8.3 or later to resolve the issue. As a temporary workaround, consider manually securing the directories in the non-default installation location to prevent local privilege escalation.

**Name of the Vulnerable Software and Affected Versions** Tenable Network Monitor versions prior to 6.5.1 **Description** A security issue was found where a non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM privileges, potentially leading to local privilege escalation. **Recommendations** For versions prior to 6.5.1, update to version 6.5.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Windows Setup and Deployment (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows Setup and Deployment component. It is associated with a lack of quotes in writing elements or search paths. Exploitation of this issue may allow an attacker to elevate their privileges. The vulnerability can be exploited by attackers to impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks GlobalProtect App (affected versions not specified) **Description** A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. The issue is related to incorrect permission assignment for a critical resource, which can be exploited by an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rapid7 Minerva Armor versions prior to 4.5.5 **Description** The issue is a privilege escalation vulnerability that allows an authenticated attacker to elevate privileges and execute arbitrary code with SYSTEM privilege. This is caused by the product's implementation of OpenSSL's `OPENSSLDIR` parameter, which is set to a path accessible to low-privileged users. **Recommendations** For versions prior to 4.5.5, update to version 4.5.5 to resolve the issue. As a temporary workaround, consider restricting access to the `OPENSSLDIR` path to prevent low-privileged users from exploiting the vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office (affected versions not specified) **Description** The issue is related to a security feature bypass in Microsoft Office, which is connected to access control errors. Exploitation of this issue may allow an attacker to bypass existing security restrictions. It enables an attacker to have an impact on the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 119.0.6045.105 **Description** The issue is related to an inappropriate implementation in the Downloads component of Google Chrome, which may allow a remote attacker to potentially execute arbitrary code via a malicious file. This could be achieved by exploiting the vulnerability through a specially crafted web page, potentially leading to unauthorized access to protected information. **Recommendations** For versions prior to 119.0.6045.105, update to version 119.0.6045.105 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Downloads component until a patch is applied. Avoid using the Downloads feature with untrusted or malicious files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Apache HTTP Server versions prior to 2.4.58 **Description** The issue is related to the handling of HTTP/2 streams in the Apache HTTP Server. When a client resets an HTTP/2 stream using an RST frame, there is a time window where the request's memory resources are not immediately reclaimed. Instead, de-allocation is deferred until the connection is closed. A client can exploit this by sending new requests and resets, keeping the connection busy and open, and causing the memory footprint to grow. This can lead to a denial-of-service condition if the process runs out of memory before the connection is closed. **Recommendations** To resolve the issue, upgrade to version 2.4.58 or later, which fixes the problem. As a temporary workaround, consider restricting the use of HTTP/2 streams or limiting the number of concurrent connections to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nessus Network Monitor (affected versions not specified) **Description** The issue is related to errors in privilege management. Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITYSYSTEM on Windows hosts by replacing a specially crafted file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Splunk Enterprise versions prior to 8.2.12 Splunk Enterprise versions prior to 9.0.6 Splunk Enterprise versions prior to 9.1.1 **Description** The issue is related to the incorrect initialization of a resource when handling the `OPENSSLDIR` value in the Splunk Web interface of Splunk Enterprise on Windows. This can be exploited by an attacker to execute arbitrary code and escalate privileges. An attacker can abuse the insecure path reference for the `OPENSSLDIR` build definition in a dynamic link library (DLL) that ships with Splunk Enterprise, allowing them to install malicious code and achieve privilege escalation on the Windows machine. **Recommendations** For versions prior to 8.2.12, update to version 8.2.12 or later. For versions prior to 9.0.6, update to version 9.0.6 or later. For versions prior to 9.1.1, update to version 9.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** HPE Aruba Networking Virtual Intranet Access (VIA) client (affected versions not specified) **Description** A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITYSYSTEM privileges on the operating system. The vulnerability is related to insufficient access control, which could allow an attacker to gain access to the shell and execute arbitrary code with root privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to errors in synchronization when using a shared resource in the Windows OLE technology, which can be exploited by a remote attacker to execute arbitrary code. This allows the attacker to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.