Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-7231

Summary
Assigner-zdi
Assigner Org ID-99f1926a-a320-47d8-bbb5-42feb611262e
Published At-22 Nov, 2024 | 21:11
Updated At-25 Nov, 2024 | 17:05
Rejected At-
Credits

Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22894.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:zdi
Assigner Org ID:99f1926a-a320-47d8-bbb5-42feb611262e
Published At:22 Nov, 2024 | 21:11
Updated At:25 Nov, 2024 | 17:05
Rejected At:
▼CVE Numbering Authority (CNA)
Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22894.

Affected Products
Vendor
Avast
Product
Cleanup Premium
Default Status
unknown
Versions
Affected
  • 23.4 (build 15592)
Problem Types
TypeCWE IDDescription
CWECWE-59CWE-59: Improper Link Resolution Before File Access ('Link Following')
Type: CWE
CWE ID: CWE-59
Description: CWE-59: Improper Link Resolution Before File Access ('Link Following')
Metrics
VersionBase scoreBase severityVector
3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zerodayinitiative.com/advisories/ZDI-24-1001/
x_research-advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-24-1001/
Resource:
x_research-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
avast
Product
cleanup
CPEs
  • cpe:2.3:a:avast:cleanup:23.4:*:*:*:premium:*:*:*
Default Status
unknown
Versions
Affected
  • 23.4
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:zdi-disclosures@trendmicro.com
Published At:22 Nov, 2024 | 22:15
Updated At:09 Dec, 2024 | 20:01

Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22894.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
avast
avast
>>cleanup_premium>>23.4
cpe:2.3:a:avast:cleanup_premium:23.4:build_15592:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-59Secondaryzdi-disclosures@trendmicro.com
CWE ID: CWE-59
Type: Secondary
Source: zdi-disclosures@trendmicro.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.zerodayinitiative.com/advisories/ZDI-24-1001/zdi-disclosures@trendmicro.com
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-24-1001/
Source: zdi-disclosures@trendmicro.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

312Records found
CVE-2022-31250
Matching Score-4
Assigner-SUSE
ShareView Details
Matching Score-4
Assigner-SUSE
CVSS Score-7.1||HIGH
EPSS-0.14% / 34.36%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 07:55
Updated-17 Sep, 2024 | 01:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
keylime %post scriplet allows for privilege escalation from keylime user to root

A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the keylime user to root. This issue affects: openSUSE Tumbleweed keylime versions prior to 6.4.2-1.1.

Action-Not Available
Vendor-openSUSE
Product-tumbleweedTumbleweed
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-31256
Matching Score-4
Assigner-SUSE
ShareView Details
Matching Score-4
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.05% / 15.10%
||
7 Day CHG~0.00%
Published-26 Oct, 2022 | 08:55
Updated-09 May, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
sendmail: mail to root privilege escalation via sm-client.pre script

A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.

Action-Not Available
Vendor-SUSEopenSUSE
Product-factoryopenSUSE Factory
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-30523
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-16 May, 2022 | 14:45
Updated-03 Aug, 2024 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-password_managerTrend Micro Password Manager
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-6335
Matching Score-4
Assigner-HYPR Corp
ShareView Details
Matching Score-4
Assigner-HYPR Corp
CVSS Score-6.4||MEDIUM
EPSS-0.08% / 23.84%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 19:42
Updated-02 Jun, 2025 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.

Action-Not Available
Vendor-hyprHYPRMicrosoft Corporation
Product-windowsworkforce_accessWorkforce Access
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-2897
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.63%
||
7 Day CHG-0.01%
Published-31 Aug, 2022 | 20:54
Updated-16 Apr, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Measuresoft ScadaPro Server and Client Link Following

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..

Action-Not Available
Vendor-measuresoftMeasuresoft
Product-scadapro_clientscadapro_serverScadaPro Server and Client
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-27815
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.93%
||
7 Day CHG~0.00%
Published-29 Mar, 2022 | 23:21
Updated-03 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service.

Action-Not Available
Vendor-waycraten/a
Product-swhkdn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-28225
Matching Score-4
Assigner-Yandex N.V.
ShareView Details
Matching Score-4
Assigner-Yandex N.V.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.88%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 19:10
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.

Action-Not Available
Vendor-yandexn/aMicrosoft Corporation
Product-windowsyandex_browserYandex Browser (Desktop)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2017-18078
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.35%
||
7 Day CHG~0.00%
Published-29 Jan, 2018 | 05:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file.

Action-Not Available
Vendor-systemd_projectn/aDebian GNU/LinuxopenSUSE
Product-debian_linuxsystemdleapn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-51636
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.77%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 19:16
Updated-14 Aug, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avira Prime Link Following Local Privilege Escalation Vulnerability

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21600.

Action-Not Available
Vendor-aviraAviraavira
Product-avira_primePrimeprime
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-52092
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.30%
||
7 Day CHG~0.00%
Published-23 Jan, 2024 | 20:40
Updated-20 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-apex_oneTrend Micro Apex One as a ServiceTrend Micro Apex One
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-52338
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-23 Jan, 2024 | 20:43
Updated-02 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-deep_securitydeep_security_agentTrend Micro Deep Security Agentdeep_security_agent
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-52091
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.87%
||
7 Day CHG~0.00%
Published-23 Jan, 2024 | 20:39
Updated-20 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-apex_oneTrend Micro Apex One as a ServiceTrend Micro Apex One
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-24679
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.77%
||
7 Day CHG~0.00%
Published-24 Feb, 2022 | 02:45
Updated-03 Aug, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsworry-free_business_securityworry-free_business_security_servicesTrend Micro Apex OneTrend Micro Worry-Free Business Security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-26158
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-10.11% / 92.81%
||
7 Day CHG+3.72%
Published-09 Apr, 2024 | 17:00
Updated-03 May, 2025 | 00:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Install Service Elevation of Privilege Vulnerability

Microsoft Install Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2016Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-24680
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.77%
||
7 Day CHG~0.00%
Published-24 Feb, 2022 | 02:45
Updated-03 Aug, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and leverage this for arbitrary folder deletion, leading to escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsworry-free_business_securityworry-free_business_security_servicesTrend Micro Apex OneTrend Micro Worry-Free Business Security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-26238
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.66% / 70.09%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:57
Updated-03 May, 2025 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability

Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_22h2windows_10_21h2Windows 10 Version 21H2Windows 10 Version 22H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-24671
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.66%
||
7 Day CHG~0.00%
Published-24 Feb, 2022 | 02:45
Updated-03 Aug, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-antivirusTrend Micro Antivirus for Mac
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-23742
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.53%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 19:23
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.

Action-Not Available
Vendor-n/aMicrosoft CorporationCheck Point Software Technologies Ltd.
Product-windowsendpoint_securityCheck Point Endpoint Security Client for Windows
CWE ID-CWE-65
Windows Hard Link
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-26199
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.80%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 16:57
Updated-03 May, 2025 | 00:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Elevation of Privilege Vulnerability

Microsoft Office Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-365_appsMicrosoft 365 Apps for Enterprise
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-22962
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.41%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:38
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. Successful exploitation can result in linking to a root owned file.

Action-Not Available
Vendor-Linux Kernel Organization, IncVMware (Broadcom Inc.)
Product-horizonlinux_kernelVMware Horizon Agent for Linux
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-21999
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-72.78% / 98.72%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 16:36
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.
Windows Print Spooler Elevation of Privilege Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_1909windows_7windows_10_20h2windows_10_1607windows_server_20h2windows_server_2022windows_server_2008windows_server_2016windows_11_21h2windows_10_1809windows_10_21h2windows_10_21h1windows_8.1windows_rt_8.1windows_10_1507windows_server_2019Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 20H2Windows 11 version 21H2Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1909Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2Windows Server 2022Windows Server version 20H2Windows Server 2016Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 7 Service Pack 1Windows 7Windows 10 Version 21H1Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows 8.1Windows Server 2008 Service Pack 2 (Server Core installation)Windows
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-21895
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.93% / 75.12%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 20:22
Updated-02 Jan, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows User Profile Service Elevation of Privilege Vulnerability

Windows User Profile Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_serverwindows_server_2012windows_8.1windows_10windows_server_2019Windows Server 2022Windows 10 Version 1607Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows Server version 20H2Windows 10 Version 1909Windows Server 2016Windows 10 Version 20H2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-21838
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 60.16%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 20:22
Updated-02 Jan, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Cleanup Manager Elevation of Privilege Vulnerability

Windows Cleanup Manager Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_server_2016windows_server_2012windows_8.1windows_7windows_11windows_10windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server version 20H2Windows Server 2012 (Server Core installation)Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-21944
Matching Score-4
Assigner-SUSE
ShareView Details
Matching Score-4
Assigner-SUSE
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.96%
||
7 Day CHG~0.00%
Published-26 Jan, 2022 | 09:10
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
watchman: chown in watchman@.socket unit allows symlink attack

A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1.

Action-Not Available
Vendor-openSUSESUSE
Product-suse_linux_enterprise_serverfactory_watchmanopenSUSE Backports SLE-15-SP3Factory
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-50226
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.13%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-08 Aug, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability

Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-21227.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktopparallels_desktop
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-2145
Matching Score-4
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-4
Assigner-Cloudflare, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-28 Jun, 2022 | 17:45
Updated-03 Aug, 2024 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cloudlfare WARP Arbitrary File Overwrite

Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.

Action-Not Available
Vendor-Cloudflare, Inc.
Product-warpWARP
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-20
Improper Input Validation
CVE-2022-1256
Matching Score-4
Assigner-Trellix
ShareView Details
Matching Score-4
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.33%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 13:45
Updated-02 Aug, 2024 | 23:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Privilege Management in McAfee Agent for Windows

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.

Action-Not Available
Vendor-McAfee, LLC
Product-agentMcAfee Agent for Windows
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-0017
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-7||HIGH
EPSS-0.12% / 31.41%
||
7 Day CHG~0.00%
Published-10 Feb, 2022 | 18:10
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GlobalProtect App: Improper Link Resolution Vulnerability Leads to Local Privilege Escalation

An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.5 on Windows. This issue does not affect GlobalProtect app on other platforms.

Action-Not Available
Vendor-Palo Alto Networks, Inc.Microsoft Corporation
Product-globalprotectwindowsGlobalProtect App
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-33075
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.29%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 17:02
Updated-11 Jul, 2025 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Installer Elevation of Privilege Vulnerability

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_11_24h2windows_11_23h2windows_server_2019windows_server_2022windows_10_22h2windows_server_2016windows_server_2025windows_11_22h2windows_server_2022_23h2windows_10_1507windows_10_1809windows_10_1607windows_server_2012windows_10_21h2Windows Server 2008 Service Pack 2Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows 11 Version 23H2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2022Windows Server 2016 (Server Core installation)Windows Server 2025Windows Server 2012Windows 10 Version 22H2Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)Windows Server 2012 R2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2016Windows Server 2012 (Server Core installation)Windows 11 version 22H3Windows Server 2019Windows Server 2019 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1507Windows 10 Version 21H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-44038
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.58%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 18:29
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update.

Action-Not Available
Vendor-quaggan/a
Product-quaggan/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-43116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.60%
||
7 Day CHG~0.00%
Published-22 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.

Action-Not Available
Vendor-buildkiten/a
Product-elastic_ci_stackn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-45231
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-08 Jan, 2022 | 15:51
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsworry-free_business_securityworry-free_business_security_servicesTrend Micro Apex OneTrend Micro Worry-Free Business Security
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-42942
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.57%
||
7 Day CHG~0.00%
Published-21 Feb, 2024 | 06:41
Updated-14 Mar, 2025 | 01:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.

Action-Not Available
Vendor-Apple Inc.
Product-tvosmacosiphone_osipad_osipadoswatchoswatchOSmacOStvOSiOS and iPadOStvosmacosiphone_osipad_oswatchos
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-43238
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 53.20%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 14:15
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Remote Access Elevation of Privilege Vulnerability

Windows Remote Access Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server version 20H2Windows Server 2012 (Server Core installation)Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-43237
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.72% / 71.57%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 14:15
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Setup Elevation of Privilege Vulnerability

Windows Setup Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_11windows_10windows_server_2016Windows Server 2022Windows 10 Version 2004Windows 10 Version 21H2Windows Server version 2004Windows 10 Version 21H1Windows 11 version 21H2Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-41379
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-4.12% / 88.18%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 00:46
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.
Windows Installer Elevation of Privilege Vulnerability

Windows Installer Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_2004windows_10_1909windows_7windows_10_20h2windows_10_1607windows_server_20h2windows_server_2022windows_server_2008windows_server_2016windows_server_2004windows_11_21h2windows_10_1809windows_10_21h1windows_8.1windows_rt_8.1windows_10_1507windows_server_2019Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 20H2Windows 11 version 21H2Windows Server 2019Windows 10 Version 1909Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2Windows Server 2022Windows Server version 20H2Windows Server 2016Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 7 Service Pack 1Windows 7Windows 10 Version 2004Windows 10 Version 21H1Windows Server version 2004Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows 8.1Windows Server 2008 Service Pack 2 (Server Core installation)Windows
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-36737
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.85%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-14 Apr, 2025 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability

Azure Network Watcher VM Agent Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_network_watcherAzure Network Watcher VM Extension
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-36758
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 36.77%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 16:58
Updated-01 Jan, 2025 | 02:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Elevation of Privilege Vulnerability

Visual Studio Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2022Microsoft Visual Studio 2022 version 17.7
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-36711
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.67%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-14 Apr, 2025 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 1607Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 11 version 22H2Windows 10 Version 1809Windows 10 Version 22H2Windows Server 2016Windows Server 2012 R2Windows 10 Version 1507Windows Server 2019 (Server Core installation)Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2019Windows 10 Version 21H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-36874
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-62.95% / 98.32%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:03
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-08-01||Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Windows Error Reporting Service Elevation of Privilege Vulnerability

Windows Error Reporting Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_21h2windows_11_22h2windows_10_1809windows_10_21h2windows_server_2008windows_server_2019windows_10_22h2windows_server_2016windows_10_1607windows_server_2022windows_server_2012Windows 10 Version 1809Windows 10 Version 22H2Windows 10 Version 1507Windows 10 Version 1607Windows 11 version 21H2Windows Server 2019Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2008 Service Pack 2Windows Server 2022Windows Server 2016Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-36928
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6||MEDIUM
EPSS-1.31% / 79.01%
||
7 Day CHG~0.00%
Published-26 Aug, 2021 | 17:20
Updated-18 Nov, 2024 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-edge_chromiumMicrosoft Edge (Chromium-based)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-36744
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.55%
||
7 Day CHG~0.00%
Published-06 Sep, 2021 | 11:37
Updated-04 Aug, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-maximum_security_2019maximum_security_2021windowsmaximum_security_2020security_for_best_buyTrend Micro Security (Consumer)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-35320
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.69%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-36983
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.51%
||
7 Day CHG~0.00%
Published-28 Jul, 2021 | 03:35
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a symlink attack on /tmp/replay-sorcery or /tmp/replay-sorcery/device.sock.

Action-Not Available
Vendor-replaysorcery_projectn/a
Product-replaysorceryn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2016-9566
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-9.60% / 92.57%
||
7 Day CHG~0.00%
Published-15 Dec, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.

Action-Not Available
Vendor-n/aNagios Enterprises, LLC
Product-nagiosn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-35342
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.69%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Image Acquisition Elevation of Privilege Vulnerability

Windows Image Acquisition Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2016-8641
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-1.11% / 77.26%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 14:00
Updated-06 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.

Action-Not Available
Vendor-Nagios Enterprises, LLC
Product-nagiosnagios
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-0683
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-30.48% / 96.55%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 21:22
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1607windows_server_1903windows_10_1803windows_server_2019windows_8.1windows_server_1909windows_7windows_10_1903windows_rt_8.1windows_10_1507windows_10_1709windows_10_1809windows_10_1909windows_server_1803windows_server_2008windows_server_2016windows_server_2012Windows 10 Version 1903 for x64-based SystemsWindows Server, version 1909 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindowsWindows 10 Version 1909 for x64-based SystemsWindows ServerWindows 10 Version 1909 for 32-bit SystemsWindows
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-35353
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.26% / 48.98%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-35379
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 29.18%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 17:08
Updated-01 Jan, 2025 | 01:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability

Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found