CVE-2023-6044

MEDIUM Year: 2023
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-290
View all →

Vulnerability Description

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges.

Related Vulnerabilities

CVE-2022-1745

MEDIUM
CVSS:6.8(Medium)

The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administr...

CWE-2902022

CVE-2023-4001

MEDIUM
CVSS:6.8(Medium)

An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection...

CWE-2902023

CVE-2020-7326

MEDIUM
CVSS:6.7(Medium)

Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core tr...

CWE-2902020

CVE-2020-7327

MEDIUM
CVSS:6.7(Medium)

Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client (MVEDR) prior to 3.2.0 may allow local administrators to execute malicious code via stopping a core Windo...

CWE-2902020

CVE-2023-27199

MEDIUM
CVSS:6.7(Medium)

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks.

CWE-2902023

CVE-1999-0012

HIGH
CVSS:7.0(High)

Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.

CWE-2901999