An app may be able to elevate privilegesĪ logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. This is fixed in 12.1.2.Ĭertain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevation of privilege.Ī logic issue was addressed with improved checks. Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.įoxit PDF Reader (12.9 and earlier) and Foxit PDF Editor (12.9 and all previous 12.x versions, 11.5 and all previous 11.x versions, and 10.6 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. Users may potentially utilize higher level system privileges maintained by the Zoom client to spawn processes with escalated privileges. Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
Improper input validation in the installer for Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services. An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe).
0 kommentar(er)
