How severe is CVE-2023-4383?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-4383?

This is classified as CWE-279, which is a common weakness in software security.

CVE-2023-4383 - HIGH Severity | CVSS 7.8

Vulnerability Description

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2024-11220

HIGH

CVSS:7.8(High)

A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file o...

CWE-2792024

CVE-2025-22843

HIGH

CVSS:7.8(High)

Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via local a...

CWE-2792025

CVE-2023-3915

HIGH

CVSS:7.2(High)

An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. If an e...

CWE-2792023

CVE-2023-4665

HIGH

CVSS:8.8(High)

Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9.

CWE-2792023

CVE-2023-50914

MEDIUM

CVSS:6.7(Medium)

A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy (Beta) 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directorie...

CWE-2792023

CVE-2024-37025

MEDIUM

CVSS:6.7(Medium)

Incorrect execution-assigned permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installer before version 23.1.1 may allow an authenticated user to potentially enable escalat...

CWE-2792024