Vulnerabilities > CVE-2024-0219 - Unspecified vulnerability in Progress Telerik Justdecompile

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

progress

NVD

Published: 2024-01-31

Updated: 2024-02-09

Summary

In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.

Vulnerable Configurations

Part	Description	Count
Application	Progress Progress Telerik Justdecompile *	1

References

https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability
https://www.telerik.com/products/decompiler.aspx