Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-41966 | Improper Privilege Management vulnerability in Sielco products The application suffers from a privilege escalation vulnerability. | 8.8 |
| 2023-10-26 | CVE-2023-5622 | Improper Privilege Management vulnerability in Tenable Nessus Network Monitor 5.11.0/5.11.1/5.12.0 Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file. | 8.8 |
| 2023-10-25 | CVE-2023-4607 | Improper Privilege Management vulnerability in Lenovo products An authenticated XCC user can change permissions for any user through a crafted API command. | 8.8 |
| 2023-10-17 | CVE-2023-41715 | Improper Privilege Management vulnerability in Sonicwall Sonicos SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel. | 8.8 |
| 2023-10-16 | CVE-2023-4834 | Improper Privilege Management vulnerability in multiple products In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he should not have access to. | 4.3 |
| 2023-10-16 | CVE-2023-38280 | Improper Privilege Management vulnerability in IBM Hardware Management Console 10.1.1010.0/10.2.1030.0 IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell. | 7.8 |
| 2023-10-11 | CVE-2023-38817 | Improper Privilege Management vulnerability in Echo Anti Cheat Tool An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. | 7.8 |
| 2023-10-11 | CVE-2023-43960 | Improper Privilege Management vulnerability in Dlink Dph-400Se Firmware 2.2.15.8 An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component. | 8.8 |
| 2023-10-11 | CVE-2023-44105 | Improper Privilege Management vulnerability in Huawei Emui and Harmonyos Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally. | 9.8 |
| 2023-10-06 | CVE-2023-5214 | Improper Privilege Management vulnerability in Puppet Bolt In Puppet Bolt versions prior to 3.27.4, a path to escalate privileges was identified. | 9.8 |