PT-2024-18785 · Unknown · Smart Manager

Yunpeng Cai

Published

2024-06-03

Updated

2024-06-07

CVE-2024-20874

CVSS v3.1

7.9

High

Vector

AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L

Name of the Vulnerable Software and Affected Versions SmartManagerCN versions prior to SMR Jun-2024 Release 1

Description The issue is related to improper access control, allowing local attackers to launch privileged activities. This could potentially lead to unauthorized access and malicious activities on the system.

Recommendations For versions prior to SMR Jun-2024 Release 1, update to SMR Jun-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2024-20874

Affected Products

Smart Manager

PT-2024-18785 · Unknown · Smart Manager

CVE-2024-20874

Related Identifiers

Affected Products

References · 6