Vulnerabilities > CVE-2018-9310 - Unspecified vulnerability in Magnicomp Sysinfo

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

magnicomp

linux

NVD

Published: 2018-04-30

Updated: 2019-10-03

Summary

An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root (the default). This vulnerability allows any local user on a Linux/UNIX system to run SysInfo and obtain a root shell, which can be used to compromise the local system.

Vulnerable Configurations

Part	Description	Count
Application	Magnicomp Magnicomp Sysinfo *	1
OS	Linux Linux Linux Kernel -	1

References

http://www.magnicomp.com/about/2018/CVE-2018-9310.html