CVE-2024-25086

{"id": "CVE-2024-25086", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-07-02T16:15:04.070", "references": [{"url": "https://jungo.com/windriver/versions/", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-269"}, {"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code."}, {"lang": "es", "value": "La gesti\u00f3n inadecuada de privilegios en Jungo WinDriver anterior a 12.2.0 permite a atacantes locales escalar privilegios y ejecutar c\u00f3digo arbitrario."}], "lastModified": "2024-07-08T14:17:42.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B7C4DE4-D93B-4AA6-B98E-738E00DC5024", "versionEndExcluding": "12.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "463EA623-0DC2-4287-A9AC-837CBDECF76C"}, {"criteria": "cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E798352C-E09B-4D18-B3A8-CFCDE0AD3675"}, {"criteria": "cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21CC610A-0561-46A1-9077-D01D5C3F1A8F"}, {"criteria": "cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B36ABBC-DB27-44D1-B844-00DFC3BBF043"}, {"criteria": "cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6E4BC24-6583-4791-9ED9-D2D675187DCD"}, {"criteria": "cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D236ABC2-93E4-4428-B949-7E17945E4D98"}, {"criteria": "cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CED78B28-BBBF-4869-BC1C-F0789867FB4C"}, {"criteria": "cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C79890F-0B41-4855-84EE-78D5896C87A1"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4400D339-BB12-414A-B891-B6105D7FCA39"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6871A74E-8B92-4892-970F-757F404590CB"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03DE7DE4-DC4B-40F3-BB22-B8E524081942"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F8037F0-C124-4EFB-AEA1-89441975D36F"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C37E74B-DA76-4E59-953E-C50D0D75804A"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0B195E2-6076-487C-899F-A40B886BA556"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C4E7C31-D08D-487F-B7FF-9502783FFDB9"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4AEDEEE-5070-41E2-B4DC-6DE8456BC028"}, {"criteria": "cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7097AFD0-5A8C-4C62-AAF7-16FB71DE210C"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A661B972-912C-4DAA-9518-CC01E0EB1A81"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76C1D9F0-48A8-4193-A781-B19ACE1B0B4B"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FB81A97-4BE8-4570-914F-304F38968613"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE14782A-4AD2-4633-8A3A-D81D5C434046"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mx_opc_server_da\\/ua:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A1BABCB-EDD7-4B1D-AE49-77DD1A3CCB1C"}, {"criteria": "cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F89B350-B20F-45A8-8809-E9776C319591"}, {"criteria": "cpe:2.3:a:mitsubishielectric:px_developer\\/monitor_tool:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B10E09F-84F3-42E3-9B8D-DE309ED4A4B4"}, {"criteria": "cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C12A1AA-66F0-452F-9B75-562F4A979CBD"}, {"criteria": "cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33A13944-145E-453E-A409-BE4A984619AA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A10A8E35-923F-483B-A924-441B78FFCF6D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "938DDBFF-A0CC-4311-9F30-08ABDBB67742"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB49716D-8E0B-4E4C-B206-104BB64F6301"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0C8B0237-9A91-4954-AFBE-E661467D842A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B3B0B5A-27F2-4E08-8B75-1EAAC4DC840D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0B80AF0C-EFED-4CA0-B990-0ADA6F1D0AEE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B4348FF-8691-4832-9103-F46282924299"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07737420-567D-49CC-9A9E-555038DFF0AA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D3A5D57-DB2C-429F-BB3F-8EB7F4767E1D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FD4CA442-BC30-407E-851E-E03037E75E8D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9826969F-D449-4032-8A0B-050D7CC3B1AE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "858F9CAA-E6D3-4F1D-923D-ED9E05C3AC54"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61A13AD1-22F7-4FFD-BCB7-A4FDAF2BA659"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "009853DA-ACAE-4928-AE90-090A3739BD39"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "476C7885-89D2-4A6C-94FE-E06B55A23E37"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9DF10CF6-1C1D-4768-A349-1AEFD26F491A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}