Insecure Permission vulnerability found in Botkind/Siber Systems SyncApp v.19.0.3.0 allows a local attacker toe escalate privileges via the SyncService.exe file.
References
Configurations
History
21 Nov 2024, 07:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/IthacaLabs/Botkind/blob/main/Botkind_SyncApp/WeakServicePermissions_InsecureServiceExecutable_CVE-2023-29838.txt - Third Party Advisory | |
References | () https://github.com/IthacaLabs/Botkind/tree/main/Botkind_SyncApp - Exploit |
27 May 2023, 02:07
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-276 | |
CPE | cpe:2.3:a:allwaysync:allwaysync:19.0.3.0:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/IthacaLabs/Botkind/blob/main/Botkind_SyncApp/WeakServicePermissions_InsecureServiceExecutable_CVE-2023-29838.txt - Third Party Advisory | |
References | (MISC) https://github.com/IthacaLabs/Botkind/tree/main/Botkind_SyncApp - Exploit |
22 May 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-22 20:15
Updated : 2024-11-21 07:57
NVD link : CVE-2023-29838
Mitre link : CVE-2023-29838
CVE.ORG link : CVE-2023-29838
JSON object : View
Products Affected
allwaysync
- allwaysync
CWE
CWE-276
Incorrect Default Permissions