CVE-2019-25245

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ross Video DashBoard version 8.5.1

Description An elevation of privileges issue exists in Ross Video DashBoard. Authenticated users can modify executable files because of incorrect permission settings. Attackers can leverage the 'M' or 'C' flags assigned to the 'Authenticated Users' group to replace the DashBoard.exe binary with a malicious executable.

Recommendations Apply appropriate permission settings to prevent unauthorized modification of executable files.

Exploit

Fix

LPE

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2019-25245

Affected Products

Dashboard

CVE-2019-25245

Weakness Enumeration

Related Identifiers

Affected Products

References · 5