Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-40458

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-22 May, 2025 | 00:00
Updated At-22 May, 2025 | 20:31
Rejected At-
Credits

An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:22 May, 2025 | 00:00
Updated At:22 May, 2025 | 20:31
Rejected At:
▼CVE Numbering Authority (CNA)

An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://drive.google.com/file/d/1E8dxLt2LnvmLcCEUyp6qtnG-yZjyvMji/view?usp=drive_link
N/A
https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md
N/A
Hyperlink: https://drive.google.com/file/d/1E8dxLt2LnvmLcCEUyp6qtnG-yZjyvMji/view?usp=drive_link
Resource: N/A
Hyperlink: https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-269CWE-269 Improper Privilege Management
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-269
Description: CWE-269 Improper Privilege Management
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:22 May, 2025 | 19:15
Updated At:30 May, 2025 | 01:17

An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
ocuco
ocuco
>>innovation>>2.10.24.51
cpe:2.3:a:ocuco:innovation:2.10.24.51:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-269Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-20
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-269
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://drive.google.com/file/d/1E8dxLt2LnvmLcCEUyp6qtnG-yZjyvMji/view?usp=drive_linkcve@mitre.org
Permissions Required
https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.mdcve@mitre.org
Exploit
Hyperlink: https://drive.google.com/file/d/1E8dxLt2LnvmLcCEUyp6qtnG-yZjyvMji/view?usp=drive_link
Source: cve@mitre.org
Resource:
Permissions Required
Hyperlink: https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md
Source: cve@mitre.org
Resource:
Exploit

Change History

0
Information is not available yet

Similar CVEs

1133Records found
CVE-2025-0320
Matching Score-4
Assigner-Citrix Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Citrix Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.07% / 21.84%
||
7 Day CHG~0.00%
Published-17 Jun, 2025 | 13:25
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Citrix Secure Access - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)Microsoft Corporation
Product-secure_access_clientwindowsSecure Access Client for Windows
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-36927
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.95%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 18:12
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability

Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_8.1windows_rt_8.1windows_7windows_server_2008Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2012Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server 2012 R2 (Server Core installation)Windows 7 Service Pack 1
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-36973
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.25% / 48.15%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 11:23
Updated-18 Nov, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability

Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_server_2022windows_10Windows Server 2022Windows 10 Version 2004Windows 10 Version 1507Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows Server 2016Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows Server 2019Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-0327
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8.5||HIGH
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-13 Feb, 2025 | 06:20
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit trail data and the other acting as server managing client request) that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when an attacker with standard privilege modifies the executable path of the windows services. To be exploited, services need to be restarted.

Action-Not Available
Vendor-Schneider Electric SE
Product-EcoStruxure Process Expert for AVEVA System PlatformEcoStruxure Process Expert
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-35052
Matching Score-4
Assigner-Kaspersky
ShareView Details
Matching Score-4
Assigner-Kaspersky
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.58%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:30
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High.

Action-Not Available
Vendor-n/aKaspersky Lab
Product-password_managerKaspersky Password Manager for Windows
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34488
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 31.67%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 17:54
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Console Driver Elevation of Privilege Vulnerability

Windows Console Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10Windows 10 Version 2004Windows Server version 2004Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows Server 2019Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34411
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.58%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 13:55
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

Action-Not Available
Vendor-n/aZoom Communications, Inc.
Product-roomsZoom Rooms for Conference Room for Windows
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-35448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.37% / 59.14%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 19:43
Updated-04 Aug, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.

Action-Not Available
Vendor-remotemousen/aMicrosoft Corporation
Product-windowsemote_interactive_studion/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34412
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.12%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 13:55
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.

Action-Not Available
Vendor-n/aZoom Communications, Inc.
Product-meetingsZoom Client for Meetings for Windows
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34456
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.86%
||
7 Day CHG~0.00%
Published-16 Jul, 2021 | 20:19
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-3490
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-3.76% / 88.18%
||
7 Day CHG+0.37%
Published-04 Jun, 2021 | 01:40
Updated-16 Sep, 2024 | 22:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux kernel eBPF bitwise ops ALU32 bounds tracking

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1).

Action-Not Available
Vendor-Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux kernel
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-34459
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 53.74%
||
7 Day CHG~0.00%
Published-16 Jul, 2021 | 20:19
Updated-19 Nov, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows AppContainer Elevation Of Privilege Vulnerability

Windows AppContainer Elevation Of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_10windows_server_2019Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows Server version 20H2Windows 10 Version 1909Windows Server 2016Windows 10 Version 20H2Windows 10 Version 2004Windows 10 Version 1507Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34461
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.32% / 54.75%
||
7 Day CHG~0.00%
Published-16 Jul, 2021 | 20:19
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows 10 Version 2004Windows Server version 2004Windows 10 Version 21H1Windows Server version 20H2Windows 10 Version 20H2
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34477
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.15%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 17:54
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability

Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-.net_education_bundle_sdk_install_tool.net_install_tool_for_extension_authors.NET Education Bundle SDK Install Tool.NET Install Tool for Extension Authors
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-34514
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 61.28%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 17:54
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-3439
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.68%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 21:39
Updated-27 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential vulnerabilities.

Action-Not Available
Vendor-HP Inc.
Product-zhan_86_pro_g2_microtower_\(rom_family_ssid_843c\)288_pro_g4_microtower_\(rom_family_ssid_843c\)proone_600_g4_21.5-inch_touch_all-in-one_business_pc290_g2_small_form_factor_\(rom_family_ssid_8768\)_firmwareelitebook_x360_1040_g7_firmwareelite_slice_g2_with_microsoft_teams_roomszbook_15_g4probook_450_g3prodesk_600_g5_small_form_factor_pczhan_66_pro_15_g2_firmwareproone_490_g3_\(rom_family_ssid_81b7\)zhan_86_pro_g1_microtower_pcelitedesk_800_g2_tower_pceliteone_1000_g1_23.8-in_touch_all-in-one_business_pcprobook_430_g7elitedesk_800_35w_g4_desktop_mini_pc_firmware288_pro_g5_microtower_\(rom_family_ssid_86e9\)_firmwarez4_g4_workstation_\(core-x\)_firmwareelitebook_x360_1030_g7_firmwaredesktop_pro_g1_microtower_\(rom_family_ssid_843c\)_firmwareelitebook_840_g3elitebook_x360_1030_g4_firmware288_pro_g6_microtower_\(rom_family_ssid_8948\)zhan_66_pro_13_g2elitebook_folio_g1_firmwareeliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmwareprobook_430_g8probook_440_g8probook_x360_11_g4_education_edition_firmwarezbook_17_g6zbook_firefly_15_g7engage_flex_pro_retail_systemzbook_17_g3256_g4_firmwareelite_sliceproone_440_g3_\(rom_family_ssid_81b7\)z2_small_form_factor_g5240_g6probook_640_g3prodesk_400_g6_small_form_factor_pcelitedesk_800_g6_tower_pc200_g3_all-in-one_\(rom_family_ssid_8431\)prodesk_600_g5_desktop_mini_pc340s_g7_firmwareelitedesk_800_g4_tower_pcelitebook_1040_g3240_g4z2_mini_g5_firmwaredesktop_pro_g2_microtower_pc_firmwareprobook_640_g4_firmwarezbook_studio_g7_firmwaremt31_thin_client_firmwareprodesk_600_g2_microtower_pc290_g4_microtower_\(rom_family_ssid_8948\)_firmwareprobook_440_g3prodesk_600_g3_desktop_mini_pc_firmwarez240_tower_firmwaredesktop_pro_g3406_microtower_pc_firmwareeliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_business_pc_firmwareelite_x2_1012_g1218_pro_g5_microtower_pcspectre_pro_13_g1_firmwareelite_x2_1012_g1_tabletmt31_thin_clientzbook_studio_x360_g5_firmwareeliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware260_g3_desktop_mini_pcprobook_450_g8_firmwareprobook_650_g7probook_430_g3280_pro_g3_microtower_pcelitedesk_880_g2_tower_pc_firmwareprodesk_400_g3_desktop_mini_pc_firmwareelitedesk_800_35w_g2_desktop_mini_pc_firmwaremp9_g2_retail_system_firmware340_g3elite_slice_g2_with_zoom_rooms_firmware288_pro_g6_microtower_\(rom_family_ssid_877e\)_firmware200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)z2_mini_g3290_g2_small_form_factor_\(rom_family_ssid_86e9\)stream_11_pro_g4z2_tower_g4_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareelitedesk_800_g2_tower_pc_firmwareengage_flex_pro_retail_system_firmware346_g3_firmwareprodesk_400_g3_desktop_mini_pcengage_flex_pro-c_retail_system_firmwareproone_440_g5_23.8-in_all-in-one_business_pc_firmwarezbook_15v_g5_mobile_workstationelitedesk_800_g4_small_form_factor_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-oneprobook_x360_11_g6_education_edition_firmwareprodesk_480_g4_microtower_pcelite_dragonfly_g2engage_one_pro_aio_system_firmwarezbook_14u_g5probook_430_g4prodesk_480_g7_pci_microtower_pc280_g5_small_form_factor_\(rom_family_ssid_86e9\)engage_gomobile_systemprobook_430_g7_firmwarezbook_14u_g4246_g6_firmware280_pro_g3_microtower_pc_firmwareeliteone_800_g2_23-inch_touch_all-in-one_pc280_pro_g4_microtower_\(rom_family_ssid_843c\)_firmwarez1_entry_tower_g5280_g3_small_form_factor_\(rom_family_ssid_843f\)_firmware290_g4_microtower_\(rom_family_ssid_877e\)probook_x360_11_g5_education_edition_firmwaredesktop_pro_g2_microtower_pcprodesk_480_g6_microtower_pc_firmwarez640_workstation_firmwareeliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_business_pc250_g5z2_tower_g5_firmwareeliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc258_g6_firmwareelitedesk_800_g5_tower_pcprodesk_400_g4_desktop_mini_pc_firmware256_g4desktop_pro_g3_firmwareprodesk_600_g6_small_form_factor_pc_firmwareelitebook_x360_1040_g6elitedesk_800_g6_desktop_mini_pc_firmwarez240_small_form_factorelite_dragonflyzhan_x_13_g2348_g5zhan_66_pro_14_g3eliteone_800_g6_24_all-in-one_pc260_g4_desktop_mini_pc_firmwareprodesk_680_g4_microtower_pc_\(with_pci_slot\)zbook_15u_g6zcentral_4rprobook_630_g8zbook_15_g3_firmwarezhan_99_pro_g1_microtower_\(rom_family_ssid_843c\)_firmware200_g3_all-in-one_\(rom_family_ssid_8431\)_firmwaremt22_thin_client_firmwareeliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc280_g3_small_form_factor_\(rom_family_ssid_843f\)probook_450_g4engage_one_all-in-one_systemprobook_630_g8_firmwareelitebook_1030_g1_firmwareengage_one_pro_aio_systemeliteone_800_g3_23.8-inch_touch_all-in-one_pcengage_gomobile_system_firmwaremt21_thin_client_firmwareprobook_446_g3256_g5zhan_66_pro_g1_r_microtower_pc_firmwareprodesk_600_g4_small_form_factor_pcspectre_pro_x360_g2256_g5_firmwareprobook_640_g8_firmware288_pro_g6_microtower_\(rom_family_ssid_8948\)_firmware340_g5_firmwareprodesk_400_g6_microtower_pcelitedesk_800_g3_small_form_factor_pc290_g2_small_form_factor_\(rom_family_ssid_86e9\)_firmwarestream_11_pro_g5elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms240_g7_firmwareelitebook_840_g3_firmware240_g4_firmware246_g4probook_430_g5_firmware346_g4290_g1_small_form_factor_\(rom_family_ssid_843f\)_firmwareelite_x2_g4prodesk_400_g5_small_form_factor_pc_firmwareprodesk_480_g4_microtower_pc_firmwarez240_small_form_factor_firmwareelite_slice_firmwarezbook_power_g7_firmwarezhan_66_pro_15_g3290_g3_\(rom_family_ssid_86e9\)_firmwarez2_tower_g5zbook_14u_g4_firmwareproone_400_g3_20-inch_non-touch_all-in-one_pcz2_small_form_factor_g4_firmwaremt20_thin_client_firmwareprodesk_600_g4_small_form_factor_pc_firmwareprodesk_400_g7_microtower_pc_firmwareprobook_x360_11_g5_education_editionz1_all-in-one_g3_firmwarezbook_studio_g4_firmwareelitebook_828_g4_firmwaredesktop_pro_g2z840_workstation250_g6elitebook_x360_1040_g5_firmwareprodesk_680_g6_pci_microtower_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcelitebook_x360_1040_g6_firmwareprodesk_600_g5_microtower_pc_\(with_pci_slot\)_firmwareelite_slice_g2_with_intel_uniteproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware250_g5_firmwarezhan_66_pro_14_g4_firmwarezhan_66_pro_g1eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware348_g4probook_430_g3_firmwareelitedesk_800_65w_g2_desktop_mini_pc_firmwarezbook_fury_15_g7_firmwareprobook_440_g4288_pro_g3_microtower250_g4_firmwareprodesk_600_g3_small_form_factor_pc_firmwareelitebook_840_g6zbook_15_g5z238_microtower_firmwarezbook_studio_g4mt21_thin_clientprodesk_680_g3_microtower_pcelitebook_828_g3prodesk_680_g4_microtower_pc_firmwareelitedesk_800_35w_g4_desktop_mini_pczbook_15u_g3470_g7elitedesk_800_g5_desktop_mini_pcprodesk_680_g2_microtower_pc_firmwareelitebook_x360_1040_g7z238_microtowerprodesk_400_g4_desktop_mini_pcprodesk_600_g6_small_form_factor_pcstream_11_pro_g4_firmwareproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)_firmwareprobook_470_g4elitebook_848_g3zhan_66_pro_g3_24_all-in-one_pc_firmware250_g6_firmwareprodesk_600_g6_microtower_pceliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelite_x2_1012_g2elitebook_840_g6_firmwarez2_tower_g4probook_440_g4_firmware280_g4_small_form_factor_\(rom_family_ssid_86e9\)_firmwareprodesk_400_g5_desktop_mini_pcsprout_pro_by_g2240_g7elitebook_848_g3_firmwarezhan_66_pro_g1_firmwareelitebook_1050_g1prodesk_600_g4_microtower_pc_firmwareprodesk_600_g3_microtower_pc_firmwareproone_600_g2_21.5-inch_non-touch_all-in-one_pcelitebook_x360_830_g6_firmwarezbook_create_g7proone_440_g4_23.8-inch_non-touch_all-in-one_business_pcproone_600_g6_22_all-in-one_pceliteone_1000_g1_23.8-in_all-in-one_business_pcprodesk_480_g5_microtower_pcelitebook_840_g5_healthcare_editionelitedesk_800_g6_small_form_factor_pc_firmwareprodesk_400_g2_desktop_mini_pcelitedesk_800_g4_workstation_edition_firmwareelitedesk_800_g3_tower_pc_firmwarezhan_66_pro_g1_microtower_pc_firmwareprobook_470_g3zbook_14u_g6_firmwareprobook_x360_11_g3_education_editionprobook_x360_440_g1_firmwareelitedesk_800_g4_tower_pc_firmwareelitebook_x360_1030_g3probook_x360_11_g2_education_edition_firmwareelitedesk_800_65w_g2_desktop_mini_pcprodesk_400_g5_small_form_factor_pc282_pro_g4_microtower_\(rom_family_ssid_843c\)proone_440_g3_\(rom_family_ssid_81b7\)_firmwareprodesk_600_g2_desktop_mini_pceliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmwareprobook_450_g7406_microtower_pcprodesk_600_g2_microtower_pc_firmwareelitebook_850_g3_firmwareprodesk_600_g6_pci_microtower_pcelitedesk_880_g3_tower_pc_firmwareproone_600_g5_21.5-in_all-in-one_business_pcz2_mini_g4prodesk_680_g4_microtower_pc_\(with_pci_slot\)_firmwareprobook_650_g8_firmwareprobook_446_g3_firmwarezbook_15_g4_firmwareelitebook_x360_1030_g4proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmwareelitebook_848_g4_firmwareelitedesk_800_g6_desktop_mini_pcdesktop_pro_microtower_pczhan_66_pro_15_g2280_g3_microtower_pc_firmwareelitedesk_800_g4_workstation_edition290_g1_small_form_factor_\(rom_family_ssid_843f\)proone_440_g5_23.8-in_all-in-one_business_pcelitebook_850_g4zhan_66_pro_g3_24_all-in-one_pc348_g3_firmwareelite_dragonfly_max205_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareproone_400_g2_20-inch_touch_all-in-one_pc280_g5_small_form_factor_\(rom_family_ssid_86e9\)_firmwareelitedesk_800_35w_g3_desktop_mini_pc_firmwareelitedesk_800_g6_tower_pc_firmwareprodesk_600_g6_microtower_pc_firmware246_g7zbook_15_g6elitedesk_880_g6_tower_pc_firmwareprodesk_600_g3_desktop_mini_pczbook_studio_g5elitebook_1040_g3_firmware280_g3_pci_microtower_pcelite_x2_1012_g2_firmwarezbook_15v_g5_mobile_workstation_firmwarerp9_g1_retail_systemprobook_650_g4elitebook_848_g4eliteone_800_g2_23-inch_non-touch_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareprobook_640_g4prodesk_400_g4_microtower_pcelitedesk_800_35w_g2_desktop_mini_pcprodesk_600_g5_small_form_factor_pc_firmware256_g7_firmware288_pro_g3_microtower_firmwareelitebook_1030_g1200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)_firmwarez1_entry_tower_g6_firmwareelitebook_840_g6_healthcare_edition_firmwarezbook_15u_g4_firmwareproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcpro_x2_612_g2_firmware200_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)_firmware340_g4_firmwareprobook_640_g7280_g5_microtower_\(rom_family_ssid_877e\)_firmwareprobook_450_g5_firmwaremt22_thin_clientz1_entry_tower_g6zbook_fury_17_g7340_g7_firmwarezbook_15u_g5258_g7elitedesk_800_65w_g3_desktop_mini_pcelitedesk_880_g2_tower_pceliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareengage_one_all-in-one_system_firmwareelite_x2_g4_firmwarezbook_15u_g3_firmwarezhan_66_pro_14_g3_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pcproone_400_g6_24_all-in-one_pc_firmware282_pro_g5_microtower_\(rom_family_ssid_86e9\)_firmware290_g4_microtower_\(rom_family_ssid_8948\)elitebook_830_g5prodesk_480_g5_microtower_pc_firmwaredesktop_pro_g2_firmwareelite_slice_for_meeting_roomsz240_tower280_g4_small_form_factor_\(rom_family_ssid_86e9\)mt20_thin_clientelitebook_folio_g1desktop_pro_300_g3zbook_17_g4proone_400_g2_20-inch_non-touch_all-in-one_pc_firmwaremp9_g4_retail_systemelitebook_840_g5_firmwarez2_small_form_factor_g5_firmwarezbook_14u_g6prodesk_400_g4_small_form_factor_pcprodesk_600_g4_desktop_mini_pc_firmwarezhan_86_pro_g2_microtower_\(rom_family_ssid_843c\)_firmware250_g7_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pceliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_1040_g4282_pro_g3_microtower_pcelitedesk_800_95w_g4_desktop_mini_pc_firmwareproone_600_g3_21.5-inch_non-touch_all-in-one_pc348_g3prodesk_400_g4_small_form_factor_pc_firmwareprobook_470_g4_firmwarerp9_g1_retail_system_firmwareprodesk_680_g6_pci_microtower_pc280_g4_microtower_\(rom_family_ssid_843c\)_firmwareproone_400_g2_20-inch_touch_all-in-one_pc_firmware348_g5_firmware282_pro_g5_microtower_\(rom_family_ssid_86e9\)205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)zhan_66_pro_15_g3_firmwareproone_600_g6_22_all-in-one_pc_firmware282_pro_g3_microtower_pc_firmwareelitebook_x360_830_g7elitebook_x360_1030_g3_firmware280_pro_g6_microtower_\(rom_family_ssid_8948\)_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareelitebook_846_g5_firmwareprodesk_600_g3_microtower_pcelite_dragonfly_g2_firmware260_g4_desktop_mini_pcproone_400_g5_23.8-inch_all-in-one_business_pc246_g5256_g6_firmware288_pro_g6_microtower_\(rom_family_ssid_877e\)probook_440_g5prodesk_600_g4_microtower_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwarezbook_studio_g5_firmware205_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)elitedesk_880_g3_tower_pczbook_fury_15_g7prodesk_680_g3_microtower_pc_firmwareprobook_650_g3200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)probook_640_g5_firmwareprobook_650_g2elitebook_x360_1040_g8prodesk_400_g6_small_form_factor_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarez_vr_backpack_g1348_g7200_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitebook_828_g4348_g7_firmwareprobook_650_g2_firmwarezbook_15_g3proone_600_g5_21.5-in_all-in-one_business_pc_firmware288_pro_g5_microtower_\(rom_family_ssid_86e9\)eliteone_1000_g2_34-in_curved_all-in-one_business_pcprobook_450_g7_firmwareprobook_650_g4_firmware240_g6_firmware280_pro_g3_small_form_factor_\(rom_family_ssid_843f\)probook_640_g7_firmwarez2_mini_g4_firmwareelitebook_830_g6_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareprobook_430_g6_firmwareprodesk_600_g5_microtower_pc_firmwareeliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmwareelitedesk_880_g6_tower_pcelitebook_x360_1030_g8zbook_create_g7_firmwareeliteone_800_g6_27_all-in-one_pcprodesk_600_g6_desktop_mini_pczbook_17_g6_firmwareelitedesk_800_g2_small_form_factor_pc_firmwarez_vr_backpack_g1_firmwareelitebook_840_g7zhan_66_pro_g1_microtower_pcz6_g4_workstationzbook_studio_g7elitebook_x360_1030_g2_firmware218_pro_g5_microtower_pc_firmware340_g4282_pro_g4_microtower_\(rom_family_ssid_843c\)_firmwarezhan_66_pro_14_g2elite_slice_g2_-_audio_ready_with_zoom_roomsz4_g4_workstation_\(xeon_w\)_firmwarepro_x2_612_g2z1_all-in-one_g3240_g5prodesk_400_g5_microtower_pcelitebook_850_g3prodesk_400_g5_microtower_pc_firmwareeliteone_800_g5_23.8-inch_all-in-one_firmwareelitedesk_880_g4_tower_pcelitedesk_800_g4_small_form_factor_pc_firmwareprobook_640_g3_firmwarez2_mini_g3_firmwaret430_thin_client_firmwareprobook_430_g4_firmwareprodesk_400_g6_desktop_mini_pc_firmware280_pro_g3_small_form_factor_\(rom_family_ssid_843f\)_firmwareproone_400_g3_20-inch_touch_all-in-one_pcengage_flex_pro-c_retail_systemprobook_650_g3_firmwareprobook_470_g5258_g6elitedesk_880_g5_tower_pc_firmware240_g5_firmware205_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)_firmwareelitebook_x360_1030_g2elitebook_830_g7elite_dragonfly_max_firmwarespectre_pro_x360_g2_firmwareprodesk_400_g4_microtower_pc_firmwarezbook_x2_g4_firmwareelite_slice_for_meeting_rooms_firmwareproone_490_g3_\(rom_family_ssid_82dc\)340_g7z6_g4_workstation_firmwareprodesk_600_g4_desktop_mini_pc280_g4_small_form_factor_\(rom_family_ssid_8768\)290_g3_\(rom_family_ssid_86e9\)prodesk_600_g5_desktop_mini_pc_firmwareprobook_650_g5prodesk_600_g5_microtower_pcelitebook_x360_1020_g2_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pcz8_g4_workstation_firmwareeliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareprobook_440_g7eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc260_g2_desktop_mini340_g5proone_600_g2_21.5-inch_touch_all-in-one_pc_firmwareprobook_640_g8elitebook_830_g5_firmwareprodesk_680_g4_microtower_pc282_pro_g6_microtower_\(rom_family_ssid_8948\)346_g3mp9_g4_retail_system_firmwareprobook_650_g8elitebook_836_g6_firmware280_g3_pci_microtower_pc_firmwareelitedesk_800_g5_small_form_factor_pc_firmwareproone_400_g5_23.8-inch_all-in-one_business_pc_firmwareprobook_640_g2elitebook_850_g6_firmwaremp9_g2_retail_systemprobook_440_g3_firmware346_g4_firmwareelitebook_846_g5zbook_firefly_15_g7_firmwareprobook_440_g6282_pro_g6_microtower_\(rom_family_ssid_8948\)_firmwareproone_490_g3_\(rom_family_ssid_81b7\)_firmwaredesktop_pro_300_g3_firmware340_g3_firmwareelitedesk_800_g3_tower_pczbook_studio_x360_g5elitebook_x360_830_g7_firmwareproone_400_g6_20_all-in-one_pc205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmwarezhan_66_pro_g1_r_microtower_pcelitebook_840_g4_firmware250_g4probook_450_g8zbook_17_g5eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pczbook_firefly_14_g7probook_640_g5zbook_17_g5_firmwareelitebook_850_g5246_g7_firmwareprodesk_600_g6_pci_microtower_pc_firmware200_g3_all-in-one_\(rom_family_ssid_84de\)_firmwareelitebook_840_g5eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwarezbook_15u_g5_firmwareprobook_650_g7_firmwarezhan_66_pro_14_g4eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmwareeliteone_800_g6_27_all-in-one_pc_firmwareelitebook_850_g7zbook_15_g6_firmwareprodesk_400_g7_small_form_factor_pc_firmwareelitebook_840_g5_healthcare_edition_firmwareprobook_x360_11_g3_education_edition_firmwareproone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmwarezbook_15u_g6_firmwareelitedesk_800_65w_g3_desktop_mini_pc_firmware260_g2_desktop_mini_firmwareelitedesk_880_g5_tower_pcelite_x2_1013_g3_firmwareelitedesk_800_95w_g4_desktop_mini_pcelite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmwareproone_400_g5_20-inch_all-in-one_business_pcelitedesk_800_g3_small_form_factor_pc_firmware280_pro_g6_microtower_\(rom_family_ssid_8948\)elitebook_x360_1040_g5elitebook_x360_1040_g8_firmwareelitebook_x360_830_g5_firmwareproone_400_g6_24_all-in-one_pcz640_workstation280_g3_microtower_pcproone_480_g3_20-inch_non-touch_all-in_one_pcproone_400_g3_20-inch_non-touch_all-in-one_pc_firmwareelite_dragonfly_firmwareelitebook_840_g4stream_11_pro_g5_firmwarez4_g4_workstation_\(core-x\)zhan_66_pro_14_g2_firmwareelitebook_820_g3_firmwarezbook_15_g5_firmware290_g2_microtower_\(rom_family_ssid_843c\)_firmwareeliteone_800_g5_23.8-inch_all-in-oneprobook_450_g5elite_slice_g2_with_intel_unite_firmwaret638_thin_client_firmwarez840_workstation_firmwareelitebook_840r_g4_firmwareprodesk_600_g3_small_form_factor_pcprobook_x360_11_g6_education_editioneliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pct638_thin_client280_pro_g4_microtower_\(rom_family_ssid_843c\)256_g7elitedesk_880_g4_tower_pc_firmwareprodesk_600_g2_small_form_factor_pc_firmwareelitedesk_800_g5_desktop_mini_pc_firmwareelitebook_840r_g4elitebook_836_g5_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware246_g6elitebook_x360_1030_g7290_g1_microtower_pczhan_x_13_g2_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware246_g5_firmwareeliteone_800_g3_23.8-inch_non-touch_all-in-one_pcz8_g4_workstationelite_x2_1013_g3200_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)desktop_pro_g1_microtower_\(rom_family_ssid_843c\)elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g4_firmwareprobook_430_g6elitedesk_800_g2_small_form_factor_pcprodesk_400_g6_microtower_pc_firmwareelite_slice_g2_with_microsoft_teams_rooms_firmwarezhan_99_pro_g1_microtower_\(rom_family_ssid_843c\)elitedesk_800_g6_small_form_factor_pcprobook_470_g3_firmwareprobook_450_g4_firmwareelitebook_850_g6470_g7_firmware290_g4_microtower_\(rom_family_ssid_877e\)_firmware200_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareelitedesk_800_35w_g3_desktop_mini_pcprodesk_480_g6_microtower_pc280_g5_microtower_\(rom_family_ssid_877e\)probook_640_g2_firmwarezbook_fury_17_g7_firmwareelitebook_820_g4_firmwareelitebook_820_g4elitebook_836_g6elitebook_x360_830_g5290_g1_microtower_pc_firmware290_g2_small_form_factor_\(rom_family_ssid_8768\)probook_x360_11_g2_education_editionproone_440_g6_24_all-in-one_pc_firmwareproone_440_g3_\(rom_family_ssid_82dc\)_firmwareeliteone_1000_g1_34-in_curved_all-in-one_business_pcelitebook_836_g5prodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g2_desktop_mini_pc_firmwareproone_480_g3_20-inch_non-touch_all-in_one_pc_firmwareproone_600_g2_21.5-inch_touch_all-in-one_pcprobook_x360_440_g1proone_400_g3_20-inch_touch_all-in-one_pc_firmwarez4_g4_workstation_\(xeon_w\)z440_workstationz1_entry_tower_g5_firmware205_g4_22_all-in-one_pc_\(rom_family_ssid_86f8\)prodesk_600_g2_desktop_mini_pc_firmwareelitebook_850_g5_firmwareprobook_440_g7_firmwaresprout_pro_by_g2_firmwareelitebook_1040_g4_firmware250_g7zbook_14u_g5_firmware258_g7_firmware205_pro_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareelitedesk_800_g5_tower_pc_firmware288_pro_g4_microtower_\(rom_family_ssid_843c\)_firmwareelite_x2_1012_g1_tablet_firmwareelitebook_x360_830_g6probook_450_g3_firmwareprobook_440_g5_firmwarezbook_17_g3_firmwareelitebook_830_g6elitebook_820_g3zcentral_4r_firmware340s_g7probook_650_g5_firmwareprobook_450_g6z2_small_form_factor_g4zbook_power_g7prodesk_400_g6_desktop_mini_pcprobook_440_g6_firmwareelitebook_828_g3_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_850_g7_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwarez2_mini_g5elitebook_x360_1030_g8_firmwareprobook_11_g2_education_editionzbook_x2_g4zbook_firefly_14_g7_firmwareprodesk_480_g7_pci_microtower_pc_firmwareprodesk_600_g6_desktop_mini_pc_firmware280_g4_microtower_\(rom_family_ssid_843c\)proone_400_g6_20_all-in-one_pc_firmwareprodesk_400_g7_small_form_factor_pcspectre_pro_13_g1elitebook_830_g7_firmwareprobook_470_g5_firmwareelitebook_840_g7_firmwarezhan_66_pro_g3_22_all-in-one_pc200_g3_all-in-one_\(rom_family_ssid_84de\)256_g6260_g3_desktop_mini_pc_firmwareprodesk_600_g5_microtower_pc_\(with_pci_slot\)eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware280_g4_small_form_factor_\(rom_family_ssid_8768\)_firmware200_g4_22_all-in-one_pc_\(rom_family_ssid_86f0\)_firmwareelite_slice_g2_-_audio_ready_with_zoom_rooms_firmwarez440_workstation_firmware290_g2_microtower_\(rom_family_ssid_843c\)elitedesk_800_g5_small_form_factor_pcproone_440_g6_24_all-in-one_pcprodesk_600_g2_small_form_factor_pczhan_86_pro_g1_microtower_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pceliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_440_g8_firmwareelitebook_840_g6_healthcare_editioneliteone_800_g6_24_all-in-one_pc_firmwarezbook_17_g4_firmwareprodesk_400_g7_microtower_pct430_thin_clientdesktop_pro_g3_microtower_firmware246_g4_firmwarezhan_66_pro_13_g2_firmwareprobook_450_g6_firmwareprobook_11_g2_education_edition_firmwareelite_slice_g2_with_zoom_roomsproone_440_g3_\(rom_family_ssid_82dc\)elitebook_x360_1020_g2elitebook_1050_g1_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwareprobook_430_g8_firmwareprodesk_680_g2_microtower_pcdesktop_pro_microtower_pc_firmwarezbook_15u_g4proone_400_g2_20-inch_non-touch_all-in-one_pc348_g4_firmwaredesktop_pro_g3_microtowerelite_x2_1012_g1_firmwareproone_490_g3_\(rom_family_ssid_82dc\)_firmwareprobook_x360_11_g4_education_editionprobook_430_g5HP PC BIOS
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-33505
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.47%
||
7 Day CHG~0.00%
Published-15 Jul, 2021 | 10:26
Updated-03 Aug, 2024 | 23:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A local malicious user can circumvent the Falco detection engine through 0.28.1 by running a program that alters arguments of system calls being executed. Issue is fixed in Falco versions >= 0.29.1.

Action-Not Available
Vendor-falcon/a
Product-falcon/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-34741
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.36% / 58.63%
||
7 Day CHG~0.00%
Published-15 Aug, 2024 | 21:56
Updated-17 Dec, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-783
Operator Precedence Logic Error
CVE-2021-33287
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 6.12%
||
7 Day CHG~0.00%
Published-07 Sep, 2021 | 00:00
Updated-03 Dec, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application.

Action-Not Available
Vendor-tuxeran/aFedora ProjectDebian GNU/Linux
Product-debian_linuxntfs-3gfedoran/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-33526
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.45%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 10:24
Updated-17 Sep, 2024 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation in mbDIALUP <= 3.9R0.0

In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the service.

Action-Not Available
Vendor-mbconnectlineMB connect line
Product-mbdialupmbDIALUP
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-34332
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.65%
||
7 Day CHG~0.00%
Published-10 Jun, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API.

Action-Not Available
Vendor-n/asisoftware
Product-n/asandra
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-1326
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.7||HIGH
EPSS-5.05% / 89.88%
||
7 Day CHG~0.00%
Published-13 Apr, 2023 | 22:35
Updated-07 Feb, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
local privilege escalation in apport-cli

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.

Action-Not Available
Vendor-Canonical Ltd.
Product-apportubuntu_linuxApport
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-32471
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-3.22% / 87.22%
||
7 Day CHG-1.61%
Published-10 May, 2021 | 04:49
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-universal_turing_machinen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-33657
Matching Score-4
Assigner-AMI
ShareView Details
Matching Score-4
Assigner-AMI
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.43%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 16:17
Updated-12 Jan, 2026 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Smm Callout in SmmComputrace Module

This SMM vulnerability affects certain modules, allowing privileged attackers to execute arbitrary code, manipulate stack memory, and leak information from SMRAM to kernel space, potentially leading to denial-of-service attacks.

Action-Not Available
Vendor-AMI
Product-aptio_vAptioVaptio_v
CWE ID-CWE-20
Improper Input Validation
CVE-2021-31833
Matching Score-4
Assigner-Trellix
ShareView Details
Matching Score-4
Assigner-Trellix
CVSS Score-7.1||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-04 Jan, 2022 | 09:45
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.

Action-Not Available
Vendor-McAfee, LLC
Product-application_and_change_controlMcAfee Application and Change Control (MACC)
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-20587
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.95%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-18 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238720411References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2024-33656
Matching Score-4
Assigner-AMI
ShareView Details
Matching Score-4
Assigner-AMI
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.33%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 16:16
Updated-12 Jan, 2026 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory Leak in SmmComuptrace Module

The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack or global memory. This could lead to privilege escalation, arbitrary code execution, and bypassing OS security mechanisms

Action-Not Available
Vendor-AMI
Product-aptio_vAptioVaptio_v
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-31954
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.26% / 79.61%
||
7 Day CHG~0.00%
Published-08 Jun, 2021 | 22:46
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-32906
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.68%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 21:01
Updated-08 Aug, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid_kernel
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2024-33065
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 23.96%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:58
Updated-23 Mar, 2026 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Camera

Memory corruption while taking snapshot when an offset variable is set by camera driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmwarefastconnect_6800snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmwarewsa8845h_firmwareqcm6490snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)sc8380xp_firmwarewsa8840snapdragon_8c_compute_platform_\(sc8180x-ad\)_firmwarevideo_collaboration_vc3_platformqca6391_firmwarewcd9341_firmwareqcs5430_firmwarevideo_collaboration_vc3_platform_firmwarefastconnect_6800_firmwaresc8380xpsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)wsa8815_firmwarefastconnect_6200snapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmwarewsa8830_firmwarewcd9385_firmwareqcs6490snapdragon_8cx_compute_platform_\(sc8180xp-af\)_firmwareqca6391snapdragon_8cx_compute_platform_\(sc8180xp-ac\)_firmwareqcm5430fastconnect_7800aqt1000snapdragon_8c_compute_platform_\(sc8180xp-ad\)wcd9375qcm6490_firmwarewcd9370_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"qcs6490_firmwarewcd9380_firmwaresm6250qcm5430_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)snapdragon_7c\+_gen_3_compute_firmwarewsa8840_firmwarefastconnect_7800_firmwarewsa8830wsa8845wcd9380snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmwaresc8180x\+sdx55_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)qca6420snapdragon_8c_compute_platform_\(sc8180xp-ad\)_firmwareqca6430_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-af\)aqt1000_firmwaresnapdragon_7c_compute_platform_\(sc7180-ac\)_firmwarefastconnect_6900_firmwaresnapdragon_7c\+_gen_3_computewsa8835snapdragon_8c_compute_platform_\(sc8180x-ad\)wcd9370sm6250_firmwarewcd9375_firmwarewsa8810_firmwarewcd9340_firmwarewsa8845_firmwareqcs5430snapdragon_8cx_compute_platform_\(sc8180xp-ac\)snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)qca6430fastconnect_6200_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmwarewsa8835_firmwarefastconnect_6700snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)wcd9340snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)fastconnect_6700_firmwarewcd9341snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmwarewcd9385qca6420_firmwarewsa8815sc8180x\+sdx55snapdragon_7c_compute_platform_\(sc7180-ac\)wsa8810snapdragon_8cx_compute_platform_\(sc8180x-ab\)wsa8845hsnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)_firmwarefastconnect_6900Snapdragonaqt1000_firmwareqcm5430_firmwarewcd9380_firmwareqca6430_firmwareqcs6490_firmwareqcm6490_firmwareqcs5430_firmwarewsa8840_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9370_firmwaresc8380xp_firmwarewcd9340_firmwaresm6250_firmwarewsa8830_firmwarewsa8845_firmwarefastconnect_6700_firmwarewsa8815_firmwarewsa8835_firmwarewsa8810_firmwarefastconnect_6200_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwarewcd9375_firmwarewsa8845h_firmwarefastconnect_6800_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30989
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.02% / 7.17%
||
7 Day CHG~0.00%
Published-16 Jul, 2023 | 22:40
Updated-30 Oct, 2024 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM i privilege escalation

IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017.

Action-Not Available
Vendor-IBM Corporation
Product-ii
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-32903
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.4||HIGH
EPSS-0.03% / 8.41%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 21:01
Updated-20 Aug, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30261
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 10.57%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 07:05
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca6431_firmwarewcd9360_firmwaremdm9645wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqca6595au_firmwaresa6155qca6335msm8917mdm8215sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaremdm8615m_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaremdm9230_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwaremdm9615mqca6430wcd9306_firmwarewcd9340mdm9625_firmwaresd765gqca1990_firmwarequalcomm215_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwaremdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxsa8150pmdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwaresd712wcn3988sa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresd450wcn3610mdm9640msm8608wcn3991sda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwaresd439_firmwareqca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835qca1990sd730wcd9330_firmwaresdx55mqca6421_firmwarewcn6740_firmwarear6003_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareapq8084_firmwaresa6145psdxr1apq8096ausa8145pmdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155psd675sd439wcn3660qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwaresm7250_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410mdm9615m_firmwarewcn3615_firmwareapq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310sa515m_firmwaresd429sdxr2_5gqca9367apq8084sdm630mdm9607_firmwaresd821mdm9655_firmwaremsm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresa6145p_firmwaresm6250sa8195psd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mmdm9625qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaresc8180x\+sdx55_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwaremdm9635m_firmwaresd_675sd780gsd865_5gsdx24msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwarewcn6750mdm9635mmdm9615mdm9205sa515mqca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9215sd_455qca6574ausa8155p_firmwaremdm8215m_firmwaremdm9607sd205_firmwaremdm9645_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500sa6150pmsm8940apq8096au_firmwaresd845mdm9615_firmwareapq8037_firmwaresd720g_firmwaresdx12qcs410_firmwaremdm9330sd850Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CVE-2021-30260
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.98%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 07:05
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023qca8337ar9380ipq8173_firmwareqcn5124mdm9645msm8992_firmwarewcn3950_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwareqca8081_firmwarewcn3998_firmwareqca6420apq8053_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwareipq8072_firmwareqca0000sa8155_firmwareqca6430wcd9340sdm830_firmwaresd765gmdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresd712sd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078sdx55m_firmwareipq8173msm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqcn9012_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6584_firmwaresd_8c_firmwaremdm9215_firmwareipq6028ipq8064sd835pmp8074qca1990wcn3980_firmwarewcn6745_firmwaresd730qca2062_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqca6234qcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031qca1023_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwareqca4024wcd9370_firmwaresdx55apq8053qcn5021_firmwarecsra6640qca9379qca6234_firmwareqcn7606wsa8830qca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca9378aqca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn3615_firmwareipq8074aapq8094sa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwarewcn3610_firmwareqca6584ausd778gipq8174qcn5052qca9367apq8092sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421sd778g_firmwaresa8195pqca6694wcd9326wcd9335qcn6023qcs4290_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sc8180x\+sdx55_firmwaresm6250_firmwaremsm8994apq8092_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcm6125_firmwaresd780gsd865_5gqca6595sd665_firmwareqcn5154qca8075_firmwareipq6005_firmwaremdm9206wcn6855_firmwareqca9888qca6310_firmwaresm7325apq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sd665qca6175asd765qca6574a_firmwaresd850_firmwareapq8009mdm9310csrb31024_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwaresdm830ipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresm7325_firmwareqca2066sa6150p_firmwareqcs610qcn5550qca6431_firmwarewcd9360_firmwareqca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareipq8076amdm9628sd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwarewhs9410_firmwarewcn3999qrb5165_firmwareipq5028ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405sc8280xp_firmwareqca1990_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341qca2066_firmwareqca6431sd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqca9898ipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072awcd9330msm8996au_firmwarecsr6030ipq8076a_firmwareqca6564auwcn6856_firmwareqcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870qcn5121_firmwaresd210_firmwareipq6018sdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresc8280xpsa8155psd675qca9378a_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresm7250_firmwaresd7c_firmwarecsra6620qcn9072sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605wcn6745qca2065sd662qcn5124_firmwareqca1064qca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310sa515m_firmwareqca9990sdxr2_5gsd821msm8994_firmwaresa6145p_firmwaremsm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwarear8035csr8811apq8064auqca6694_firmwareqcn9100_firmwaresd210sd820wcn6850_firmwarewsa8835_firmwarecsr6030_firmwareqca6564aqca8072qcm2290_firmwarewcn3990qcn9000sd_675ar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pipq4018qca6574aqca9889qca6174aipq8074qca9994_firmwarewcn6750ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290sdx50msdx20mdm9215sd_455ipq8074_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810wcn6856sd_8cwcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-32849
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 31.36%
||
7 Day CHG~0.00%
Published-10 Jun, 2024 | 21:17
Updated-30 Jul, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-maximum_security_2022windowsmaximum_security_2023Trend Micro Maximum Security (Consumer)maximum_security
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-31168
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 56.01%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:11
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Container Manager Service Elevation of Privilege Vulnerability

Windows Container Manager Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows Server version 2004Windows 10 Version 2004Windows Server version 20H2Windows 10 Version 20H2
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-29449
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.3||MEDIUM
EPSS-10.94% / 93.50%
||
7 Day CHG-0.42%
Published-14 Apr, 2021 | 22:05
Updated-06 Apr, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Privilege Escalation Vulnerabilities Pihole

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Multiple privilege escalation vulnerabilities were discovered in version 5.2.4 of Pi-hole core. See the referenced GitHub security advisory for details.

Action-Not Available
Vendor-pi-holepi-hole
Product-pi-holepi-hole
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-27454
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.04%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 19:33
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1).

Action-Not Available
Vendor-gen/a
Product-reason_dr60reason_dr60_firmwareReason DR60
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-3990
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.68%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 18:52
Updated-28 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPSFViewer might allow Escalation of Privilege. This potential vulnerability was remediated on July 29th, 2022. Customers who opted for automatic updates should have already received the remediation.

Action-Not Available
Vendor-HP Inc.
Product-hpsfviewerHPSFViewer
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-27767
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 13.64%
||
7 Day CHG~0.00%
Published-06 May, 2022 | 18:10
Updated-16 Sep, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Platform Console is affected by a Privilege Escalation Vulnerability

The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_platformBigFix Platform
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-28250
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-26 Mar, 2021 | 07:18
Updated-03 Aug, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-n/a
Product-ehealth_performance_managern/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-31318
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.04% / 14.06%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:09
Updated-17 Dec, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In CompanionDeviceManagerService.java, there is a possible way to pair a companion device without user acceptance due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-862
Missing Authorization
CVE-2021-27077
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.22% / 84.71%
||
7 Day CHG~0.00%
Published-11 Mar, 2021 | 15:50
Updated-03 Aug, 2024 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32k Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows 10 Version 1803Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server, version 1909 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-31311
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.3||MEDIUM
EPSS-0.05% / 15.82%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:09
Updated-17 Dec, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In increment_annotation_count of stats_event.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-31757
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.08%
||
7 Day CHG~0.00%
Published-21 May, 2024 | 17:37
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component.

Action-Not Available
Vendor-n/aterabyte_unlimited
Product-n/aimage
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-27766
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 13.64%
||
7 Day CHG~0.00%
Published-06 May, 2022 | 18:10
Updated-17 Sep, 2024 | 03:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Platform Client is affected by a Privilege Escalation Vulnerability

The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_platformBigFix Platform
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-26415
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-11.47% / 93.70%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 19:32
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Installer Elevation of Privilege Vulnerability

Windows Installer Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows 10 Version 1803Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server, version 1909 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-20
Improper Input Validation
CVE-2021-25418
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.12%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 14:33
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-internetSamsung Internet
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-25683
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.81%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 02:20
Updated-16 Sep, 2024 | 22:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
apport improperly parses /proc/pid/stat

It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.

Action-Not Available
Vendor-Canonical Ltd.
Product-apportapport
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26323
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.25%
||
7 Day CHG~0.00%
Published-16 Nov, 2021 | 18:14
Updated-16 Sep, 2024 | 23:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7543epyc_7443_firmwareepyc_7313epyc_7343epyc_7663_firmwareepyc_7543_firmwareepyc_7763_firmwareepyc_7713pepyc_74f3_firmwareepyc_7513epyc_7443epyc_7313p_firmwareepyc_7763epyc_7232p_firmwareepyc_7713_firmwareepyc_7713p_firmwareepyc_73f3_firmwareepyc_7453epyc_7713epyc_7513_firmwareepyc_7543p_firmwareepyc_7443p_firmwareepyc_7413_firmwareepyc_7232pepyc_7643epyc_72f3epyc_7643_firmwareepyc_7663epyc_75f3epyc_72f3_firmwareepyc_7543pepyc_7313_firmwareepyc_7443pepyc_75f3_firmwareepyc_7453_firmwareepyc_7343_firmwareepyc_74f3epyc_7413epyc_7313pepyc_73f33rd Gen AMD EPYC™
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 22
  • 23
  • Next
Details not found