In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2023-07-19T21:57:57.236Z
Updated: 2024-08-02T17:01:10.002Z
Reserved: 2023-07-13T18:01:11.673Z
Link: CVE-2023-36853
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-07-19T22:15:11.267
Modified: 2023-11-07T04:16:46.053
Link: CVE-2023-36853
Redhat
No data.