CVE-2024-25103

Severity CVSS v4.0:

Pending analysis

Type:

CWE-426 Untrusted Search Path

Publication date:

06/03/2024

Last modified:

23/09/2024

Description

This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system.<br /> <br /> Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system.

Impact

Vector 3.x

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H CVSS v3.1 Severity and Metrics:

Base Score: 6.30 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): Low
Integrity (I): High
Availability (A): High

Base Score 3.x

6.30

Severity 3.x

MEDIUM

References to Advisories, Solutions, and Tools

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081