PT-2023-29693 · Xmlsoft · Mlsoft Tco!Stream
Song Tae-Hyun
·
Published
2023-10-30
·
Updated
2023-11-08
·
CVE-2023-45799
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MLSoft TCO!stream versions 8.0.22.1115 and below
Description
A vulnerability exists in MLSoft TCO!stream due to insufficient permission validation, allowing an attacker to make the victim download and execute arbitrary files.
Recommendations
For MLSoft TCO!stream versions 8.0.22.1115 and below, update to a version above 8.0.22.1115 to resolve the issue. As a temporary workaround, consider restricting access to sensitive features that may be exploited due to insufficient permission validation until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mlsoft Tco!Stream