How severe is CVE-2023-52952?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 8.5 out of 10.

What type of vulnerability is CVE-2023-52952?

This is classified as CWE-424, which is a common weakness in software security.

CVE-2023-52952 - CRITICAL Severity | CVSS 8.5

Vulnerability Description

A vulnerability has been identified in HiMed Cockpit 12 pro (J31032-K2017-H259) (All versions >= V11.5.1 < V11.6.2), HiMed Cockpit 14 pro+ (J31032-K2017-H435) (All versions >= V11.5.1 < V11.6.2), HiMed Cockpit 18 pro (J31032-K2017-H260) (All versions >= V11.5.1 < V11.6.2), HiMed Cockpit 18 pro+ (J31032-K2017-H436) (All versions >= V11.5.1 < V11.6.2). The Kiosk Mode of the affected devices contains a restricted desktop environment escape vulnerability. This could allow an unauthenticated local attacker to escape the restricted environment and gain access to the underlying operating system.

Related Vulnerabilities

CVE-2023-20272

HIGH

CVSS:8.8(High)

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to upload malicious files to the web root of the application. This...

CWE-4242023

CVE-2023-5165

HIGH

CVSS:8.8(High)

Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching ...

CWE-4242023

CVE-2025-48828

CRITICAL

CVSS:9.0(Critical)

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocat...

CWE-4242025

CVE-2019-18996

HIGH

CVSS:7.8(High)

Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the loc...

CWE-4242019

CVE-2023-46176

HIGH

CVSS:7.8(High)

IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.

CWE-4242023

CVE-2024-3459

HIGH

CVSS:7.8(High)

KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of th...

CWE-4242024