PT-2025-3163 · Microsoft+1 · Windows+2

Published

2025-01-22

Updated

2025-03-12

CVE-2024-55957

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Thermo Fisher Scientific Xcalibur versions prior to 4.7 SP1 Thermo Foundation Instrument Control Software (ICSW) versions prior to 3.1 SP10

Description The issue is related to a local privilege escalation vulnerability due to improper access control permissions on Windows systems. This vulnerability affects the driver packages in the mentioned software.

Recommendations For Thermo Fisher Scientific Xcalibur versions prior to 4.7 SP1, update to version 4.7 SP1 or later. For Thermo Foundation Instrument Control Software (ICSW) versions prior to 3.1 SP10, update to version 3.1 SP10 or later.

Fix

Incorrect Authorization

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-276

Related Identifiers

CVE-2024-55957

Affected Products

Thermo Fisher Scientific Xcalibur

Thermo Foundation Instrument Control

Windows

PT-2025-3163 · Microsoft+1 · Windows+2

CVE-2024-55957

Weakness Enumeration

Related Identifiers

Affected Products

References · 9