CVE-2024-41139

Name of the Vulnerable Software and Affected Versions SKYSEA Client View versions 6.010.06 through 19.210.04e

Description The issue allows for incorrect privilege assignment. If a user with login access to the PC where the Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege.

Recommendations For versions 6.010.06 through 19.210.04e, consider restricting access to the specific folder where the DLL file can be placed to minimize the risk of exploitation. As a temporary workaround, monitor the folder for any suspicious DLL files and remove them immediately. At the moment, there is no information about a newer version that contains a fix for this vulnerability.