Vulnerabilities > CVE-2023-41775 - Unspecified vulnerability in L-Is-B Direct

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

l-is-b

NVD

Published: 2023-09-08

Updated: 2023-09-14

Summary

Improper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. of the device where the product is installed without the user's consent.

Vulnerable Configurations

Part	Description	Count
Application	L-Is-B L IS B Direct *	1
OS	Apple Apple Macos -	1

References

https://jvn.jp/en/jp/JVN42691027/
https://status.direct4b.com/2023/08/31/2023083101/