Vulnerabilities > CVE-2023-25069 - Unspecified vulnerability in Trendmicro Txone Stellarone

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

trendmicro

NVD

Published: 2023-03-22

Updated: 2023-11-07

Summary

TXOne StellarOne has an improper access control privilege escalation vulnerability in every version before V2.0.1160 that could allow a malicious, falsely authenticated user to escalate his privileges to administrator level. With these privileges, an attacker could perform actions they are not authorized to. Please note: an attacker must first obtain a low-privileged authenticated user's profile on the target system in order to exploit this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Trendmicro Trendmicro Txone Stellarone -	1
OS	Linux Linux Linux Kernel -	1

References

https://success.trendmicro.com/solution/000292486
https://www.zerodayinitiative.com/advisories/ZDI-23-231/