CVE-2024-25103

{"id": "CVE-2024-25103", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "vdisclose@cert-in.org.in", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 5.5, "exploitabilityScore": 0.8}]}, "published": "2024-03-06T12:15:45.523", "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081", "source": "vdisclose@cert-in.org.in"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "vdisclose@cert-in.org.in", "description": [{"lang": "en", "value": "CWE-426"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system."}, {"lang": "es", "value": "Esta vulnerabilidad existe en el software AppSamvid debido al uso de componentes vulnerables y obsoletos. Un atacante con privilegios administrativos locales podr\u00eda aprovechar esto colocando archivos DLL maliciosos en el sistema objetivo. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema objetivo."}], "lastModified": "2024-09-23T12:15:03.290", "sourceIdentifier": "vdisclose@cert-in.org.in"}