CVE-2024-31953

MEDIUM Year: 2024
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-269
View all →

Vulnerability Description

An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)

Related Vulnerabilities

CVE-2011-2910

MEDIUM
CVSS:6.7(Medium)

The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would c...

CWE-2692011

CVE-2017-14329

MEDIUM
CVSS:6.7(Medium)

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.

CWE-2692017

CVE-2017-14330

MEDIUM
CVSS:6.7(Medium)

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.

CWE-2692017

CVE-2017-14380

MEDIUM
CVSS:6.7(Medium)

In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_g...

CWE-2692017

CVE-2017-6152

MEDIUM
CVSS:6.7(Medium)

A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account passwor...

CWE-2692017

CVE-2017-6732

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343...

CWE-2692017