PT-2024-15852 · Telerik · Telerik Test Studio

Published 2024-01-31 · Updated 2024-10-17 · CVE-2024-0833

CVSS v3.1

7.8 High

Vector

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Telerik Test Studio versions prior to v2023.3.1330

Description

A privilege elevation vulnerability has been identified in the application's installer component. In an environment where an existing Telerik Test Studio install is present, a lower-privileged user can manipulate the installation package to elevate their privileges on the underlying operating system.

Recommendations

For versions prior to v2023.3.1330, update to version v2023.3.1330 or later to resolve the issue. As a temporary workaround, consider restricting access to the installer component to minimize the risk of exploitation.

Fix

Weakness Enumeration

Improper Privilege Management

Incorrect Default Permissions

Related Identifiers

CVE-2024-0833

Affected Products

Telerik Test Studio