Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-50226

Summary
Assigner-zdi
Assigner Org ID-99f1926a-a320-47d8-bbb5-42feb611262e
Published At-03 May, 2024 | 02:14
Updated At-18 Sep, 2024 | 18:30
Rejected At-
Credits

Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability

Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-21227.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:zdi
Assigner Org ID:99f1926a-a320-47d8-bbb5-42feb611262e
Published At:03 May, 2024 | 02:14
Updated At:18 Sep, 2024 | 18:30
Rejected At:
▼CVE Numbering Authority (CNA)
Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability

Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-21227.

Affected Products
Vendor
Parallels International GmbhParallels
Product
Desktop
Default Status
unknown
Versions
Affected
  • 18.3.0 (53606)
Problem Types
TypeCWE IDDescription
CWECWE-59CWE-59: Improper Link Resolution Before File Access ('Link Following')
Type: CWE
CWE ID: CWE-59
Description: CWE-59: Improper Link Resolution Before File Access ('Link Following')
Metrics
VersionBase scoreBase severityVector
3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zerodayinitiative.com/advisories/ZDI-23-1805/
x_research-advisory
https://kb.parallels.com/en/125013
vendor-advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-23-1805/
Resource:
x_research-advisory
Hyperlink: https://kb.parallels.com/en/125013
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Parallels International Gmbhparallels
Product
parallels_desktop
CPEs
  • cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 18.3.2 (semver)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zerodayinitiative.com/advisories/ZDI-23-1805/
x_research-advisory
x_transferred
https://kb.parallels.com/en/125013
vendor-advisory
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-23-1805/
Resource:
x_research-advisory
x_transferred
Hyperlink: https://kb.parallels.com/en/125013
Resource:
vendor-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:zdi-disclosures@trendmicro.com
Published At:03 May, 2024 | 03:16
Updated At:08 Aug, 2025 | 18:43

Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-21227.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Parallels International Gmbh
parallels
>>parallels_desktop>>Versions before 17.1.7_\(51588\)(exclusive)
cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:macos:*:*
Parallels International Gmbh
parallels
>>parallels_desktop>>Versions from 18.0.0_\(53049\)(inclusive) to 18.3.2_\(53621\)(exclusive)
cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:macos:*:*
Weaknesses
CWE IDTypeSource
CWE-59Secondaryzdi-disclosures@trendmicro.com
CWE ID: CWE-59
Type: Secondary
Source: zdi-disclosures@trendmicro.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://kb.parallels.com/en/125013zdi-disclosures@trendmicro.com
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-23-1805/zdi-disclosures@trendmicro.com
Third Party Advisory
https://kb.parallels.com/en/125013af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-23-1805/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: https://kb.parallels.com/en/125013
Source: zdi-disclosures@trendmicro.com
Resource:
Vendor Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-23-1805/
Source: zdi-disclosures@trendmicro.com
Resource:
Third Party Advisory
Hyperlink: https://kb.parallels.com/en/125013
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-23-1805/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

79Records found
CVE-2024-1867
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.52%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 20:05
Updated-03 Jan, 2025 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
G DATA Total Security Link Following Local Privilege Escalation Vulnerability

G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the G DATA Backup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22312.

Action-Not Available
Vendor-gdata-softwareG DATAgdata-software
Product-total_securityTotal Securitytotal_security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2018-10722
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.41%
||
7 Day CHG~0.00%
Published-04 May, 2018 | 00:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the %PROGRAMFILES%\Cylance\Desktop\log folder, the CyUpdate process grants users Modify access to new files created in this folder, and a new file can be a symlink chain to a pathname of an arbitrary DLL that CyUpdate uses.

Action-Not Available
Vendor-cylancen/a
Product-cylanceprotectn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2018-10380
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.87%
||
7 Day CHG~0.00%
Published-08 May, 2018 | 08:00
Updated-05 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.

Action-Not Available
Vendor-n/aKDEDebian GNU/LinuxopenSUSE
Product-plasmadebian_linuxleapn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2015-7724
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.74%
||
7 Day CHG~0.00%
Published-07 Jun, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723.

Action-Not Available
Vendor-n/aAdvanced Micro Devices, Inc.
Product-fglrx-drivern/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2015-6240
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.42%
||
7 Day CHG~0.00%
Published-07 Jun, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-ansiblen/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2015-3315
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-4.83% / 89.11%
||
7 Day CHG~0.00%
Published-26 Jun, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linux_hpc_node_eusenterprise_linux_workstationautomatic_bug_reporting_toolenterprise_linux_server_eusenterprise_linux_serverenterprise_linux_hpc_noden/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2014-3219
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.32%
||
7 Day CHG~0.00%
Published-09 Feb, 2018 | 22:00
Updated-06 Aug, 2024 | 10:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.

Action-Not Available
Vendor-fishshelln/aFedora Project
Product-fedorafishn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2018-1780
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.43%
||
7 Day CHG-0.00%
Published-09 Nov, 2018 | 00:00
Updated-16 Sep, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148803.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-11396
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.43%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 19:06
Updated-04 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to obtain SYSTEM privileges. Arbitrary file creation can be achieved by abusing the SwuConfig.json file creation: an unprivileged user can replace these files by pseudo-symbolic links to arbitrary files. When an update occurs, a privileged service creates a file and sets its access rights, offering write access to the Everyone group in any directory.

Action-Not Available
Vendor-aviran/aMicrosoft Corporation
Product-windowsfree_security_suitesoftware_updatern/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2017-8108
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.52%
||
7 Day CHG~0.00%
Published-08 Jun, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file.

Action-Not Available
Vendor-cisofyn/a
Product-lynisn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-42099
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.60%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:13
Updated-12 Aug, 2025 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability

Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21846.

Action-Not Available
Vendor-Intel Corporation
Product-driver_\&_support_assistantDriver & Support Assistantdriver\&support_assistant
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7251
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.04% / 8.82%
||
7 Day CHG~0.00%
Published-29 Jul, 2024 | 21:18
Updated-20 Aug, 2024 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability

Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22832.

Action-Not Available
Vendor-comodoComodocomodo
Product-internet_securityInternet Security Prointernet_security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7232
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:11
Updated-11 Dec, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability

Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22963.

Action-Not Available
Vendor-avastAvastavast
Product-free_antivirusFree Antivirusfree_antivirus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7239
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:12
Updated-11 Dec, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VIPRE Advanced Security Link Following Local Privilege Escalation Vulnerability

VIPRE Advanced Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Anti Malware Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22314.

Action-Not Available
Vendor-vipreVIPREvipre
Product-advanced_securityAdvanced Securityadvanced_security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7229
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:11
Updated-09 Dec, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22892.

Action-Not Available
Vendor-avastAvastavast
Product-cleanup_premiumCleanup Premiumcleanup
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7233
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:11
Updated-08 Jan, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability

Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23731.

Action-Not Available
Vendor-avastAvastavast
Product-free_antivirusFree Antivirusfree_antivirus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7249
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.60%
||
7 Day CHG~0.00%
Published-29 Jul, 2024 | 21:18
Updated-20 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Comodo Firewall Link Following Local Privilege Escalation Vulnerability

Comodo Firewall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the application to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21794.

Action-Not Available
Vendor-comodoComodocomodo
Product-firewallFirewallfirewall
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-6233
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 20:05
Updated-15 Aug, 2025 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Forensic Recorder service. By creating a symbolic link, an attacker can abuse the service to overwrite arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21677.

Action-Not Available
Vendor-Check Point Software Technologies Ltd.
Product-zonealarm_extreme_securityZoneAlarm Extreme Securityzonealarm_extreme_security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2017-7501
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.02%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation.

Action-Not Available
Vendor-rpmRed Hat, Inc.
Product-rpmrpm
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-32179
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.25% / 48.26%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-08 Aug, 2025 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability

VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the FPQuarTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. . Was ZDI-CAN-19397.

Action-Not Available
Vendor-vipreVIPREvipre
Product-antivirusAntivirus Plusantivirus_plus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-32175
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.24%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-08 Aug, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability

VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Anti Malware Service. By creating a symbolic link, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18899.

Action-Not Available
Vendor-vipreVIPREvipre
Product-antivirusAntivirus Plusantivirus_plus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-32178
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.25% / 48.26%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-08 Aug, 2025 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability

VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TelFileTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. . Was ZDI-CAN-19396.

Action-Not Available
Vendor-vipreVIPREvipre
Product-antivirusAntivirus Plusantivirus_plus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7242
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.26%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:12
Updated-03 Dec, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Panda Security Dome Link Following Local Privilege Escalation Vulnerability

Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the PSANHost executable. By creating a junction, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23402.

Action-Not Available
Vendor-pandasecurityPanda Securitypandasecurity
Product-panda_domeDomepanda_dome
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7227
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:11
Updated-09 Dec, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability

Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22272.

Action-Not Available
Vendor-avastAvastavast
Product-free_antivirusFree Antivirusfree_antivirus
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2015-7723
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.74%
||
7 Day CHG~0.00%
Published-07 Jun, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack.

Action-Not Available
Vendor-n/aAdvanced Micro Devices, Inc.
Product-fglrx-drivern/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2015-0796
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-6.3||MEDIUM
EPSS-0.16% / 37.00%
||
7 Day CHG~0.00%
Published-02 Mar, 2018 | 20:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
open build service source server symlink exploitation via source patch

In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial of service attacks on the source service.

Action-Not Available
Vendor-openSUSESUSE
Product-open_buildserviceopen build service
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-9766
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.44%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:02
Updated-04 Dec, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability

Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within WTabletServicePro process. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-24304.

Action-Not Available
Vendor-wacomWacom
Product-centerCenter
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-7230
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 21:11
Updated-09 Dec, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22893.

Action-Not Available
Vendor-avastAvastavast
Product-cleanup_premiumCleanup Premiumcleanup
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2016-3096
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.59%
||
7 Day CHG-0.01%
Published-03 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora Project
Product-fedoraansiblen/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
  • Previous
  • 1
  • 2
  • Next
Details not found