CVE-2023-27830

Name of the Vulnerable Software and Affected Versions TightVNC versions prior to 2.8.75

Description The issue is related to errors in privilege management, allowing remote attackers to escalate their privileges on the host operating system. This can be achieved by replacing legitimate files with crafted files during a file transfer, taking advantage of the fact that TightVNC runs with high privileges in the backend.

Recommendations For versions prior to 2.8.75, update to version 2.8.75 or later to resolve the issue. As a temporary workaround, consider restricting file transfer operations until the update is applied.