WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the program Operator Workspace directory, which holds DLL files and executables. A low-privilege attacker could write a malicious DLL file to the Operator Workspace directory to achieve privilege escalation and the permissions of the user running the program.
Metrics
Affected Vendors & Products
References
History
Wed, 16 Apr 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: icscert
Published: 2022-02-24T18:26:59.219Z
Updated: 2025-04-16T16:44:41.517Z
Reserved: 2022-02-10T00:00:00.000Z
Link: CVE-2022-23104

Updated: 2024-08-03T03:36:19.171Z

Status : Modified
Published: 2022-02-24T19:15:10.127
Modified: 2024-11-21T06:48:00.103
Link: CVE-2022-23104

No data.