Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-44119

Summary
Assigner-apache
Assigner Org ID-f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At-08 Jun, 2026 | 15:17
Updated At-09 Jun, 2026 | 11:57
Rejected At-
Credits

Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:apache
Assigner Org ID:f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At:08 Jun, 2026 | 15:17
Updated At:09 Jun, 2026 | 11:57
Rejected At:
▼CVE Numbering Authority (CNA)
Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Affected Products
Vendor
The Apache Software FoundationApache Software Foundation
Product
Apache HTTP Server
Default Status
unaffected
Versions
Affected
  • From 2.4.0 through 2.4.67 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-269CWE-269 Improper Privilege Management
Type: CWE
CWE ID: CWE-269
Description: CWE-269 Improper Privilege Management
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Textual description of severity
text:
moderate
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Lucian Nitescu
finder
as3617 (@real_as3617) at ENKI Whitehat
finder
Zhang San
finder
Martin Petrák
finder
joaovicdev
finder
Rooting | Lucas Torres
finder
R4mbb of KRsecurity
finder
gggggggga@Xiaomi ShadowBlade Security Lab
finder
NikKrian of H3C Security Center(h3c.com)
finder
lokerxx
Timeline
EventDate
reported2026-05-05 12:00:00
fixed in 2.4.x by r19350172026-06-05 12:00:00
2.4.68 released2026-06-08 12:00:00
Event: reported
Date: 2026-05-05 12:00:00
Event: fixed in 2.4.x by r1935017
Date: 2026-06-05 12:00:00
Event: 2.4.68 released
Date: 2026-06-08 12:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://httpd.apache.org/security/vulnerabilities_24.html
vendor-advisory
Hyperlink: https://httpd.apache.org/security/vulnerabilities_24.html
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2026/06/08/11
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/06/08/11
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@apache.org
Published At:08 Jun, 2026 | 16:16
Updated At:11 Jun, 2026 | 04:01

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CPE Matches
The Apache Software Foundation
apache
>>http_server>>Versions from 2.4.0(inclusive) to 2.4.68(exclusive)
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Secondarysecurity@apache.org
CWE ID: CWE-269
Type: Secondary
Source: security@apache.org
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://httpd.apache.org/security/vulnerabilities_24.htmlsecurity@apache.org
Vendor Advisory
http://www.openwall.com/lists/oss-security/2026/06/08/11af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
Hyperlink: https://httpd.apache.org/security/vulnerabilities_24.html
Source: security@apache.org
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2026/06/08/11
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

65Records found
CVE-2024-6326
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-1.8||LOW
EPSS-0.01% / 1.04%
||
7 Day CHG~0.00%
Published-16 Jul, 2024 | 16:51
Updated-23 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services

An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders when they are temporarily copied to an interim folder. This vulnerability is due to the lack of explicit permissions set on the backup folder. If private keys are obtained by a malicious user, they could impersonate resources on the secured network.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_policy_managerfactorytalk_system_servicesFactoryTalk® Policy Manager (FTPM)FactoryTalk® System Services (installed via FTPM)
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-14976
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 17.04%
||
7 Day CHG~0.00%
Published-23 Jun, 2020 | 19:04
Updated-04 Aug, 2024 | 13:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.

Action-Not Available
Vendor-gns3n/a
Product-gns3ubridgen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-13517
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 16.64%
||
7 Day CHG~0.00%
Published-17 Dec, 2020 | 23:51
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406104 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.

Action-Not Available
Vendor-nzxtn/a
Product-camNZXT
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-6601
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.50%
||
7 Day CHG~0.00%
Published-13 Mar, 2019 | 22:00
Updated-17 Sep, 2024 | 01:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager (AAM) wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_acceleration_managerBIG-IP (AAM)
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-6668
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 39.98%
||
7 Day CHG~0.00%
Published-27 Nov, 2019 | 21:47
Updated-04 Aug, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_access_policy_managerBIG-IP APM Edge Client
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-19151
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 39.98%
||
7 Day CHG~0.00%
Published-23 Dec, 2019 | 18:03
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_local_traffic_managerbig-ip_domain_name_systemiworkflowbig-ip_application_security_managerbig-ip_edge_gatewaybig-iq_centralized_managementbig-ip_link_controllerenterprise_managerbig-ip_access_policy_managerbig-ip_advanced_firewall_managerBIG-IP, BIG-IQ, iWorkflow, Enterprise Manager
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-21430
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.07% / 21.03%
||
7 Day CHG~0.00%
Published-10 May, 2021 | 19:25
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version.

Action-Not Available
Vendor-openapi-generatorOpenAPITools
Product-openapi_generatoropenapi-generator
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2025-24805
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.5||HIGH
EPSS-0.21% / 42.66%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 18:41
Updated-23 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation in MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. A local user with minimal privileges is able to make use of an access token for materials for scopes which it should not be accepted. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-Mobile Security Framework (MobSF)
Product-mobile_security_frameworkMobile-Security-Framework-MobSF
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-23007
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 9.14%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 09:44
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.

Action-Not Available
Vendor-SonicWall Inc.
Product-NetExtender
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-5797
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.35%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 02:00
Updated-02 Dec, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nwa210ax_firmwarewax620d-6e_firmwarewac500hvpn100nwa220ax-6e_firmwareatp100nwa50ax_firmwareusg_flex_200wac500h_firmwareusg_flex_100nwa210axnwa50ax-proatp100wnwa50axwax640s-6e_firmwarewax610datp200atp700nwa1123acv3wax620d-6ewbe660snwa110ax_firmwareusg_flex_700vpn50wvpn300nwa55axeusg_flex_100wwac500nwa90ax-prowax510d_firmwarezldwax630s_firmwarewac500_firmwarewax655eusg_20w-vpnnwa90ax_firmwarewax640s-6ewbe660s_firmwareatp800vpn50nwa90ax-pro_firmwarenwa90axusg_flex_50wwax510dwax650s_firmwareatp500wax655e_firmwarenwa50ax-pro_firmwarewax610d_firmwarevpn1000wax630snwa110axnwa220ax-6ewax650snwa1123acv3_firmwareusg_flex_500usg_flex_50nwa55axe_firmwareUSG FLEX 50(W) series firmwareATP series firmwareWAC500 firmwareVPN series firmwareNWA50AX firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmwareWBE660S firmwareWAX300H firmware
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-5960
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.08%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 02:05
Updated-02 Aug, 2024 | 08:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_flex_50wvpn100usg_flex_200usg_flex_700vpn1000vpn300usg_flex_100vpn50usg_flex_100wusg_flex_500usg_flex_50USG FLEX series firmwareVPN series firmware
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-51430
Matching Score-4
Assigner-Honor Device Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Honor Device Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 19.76%
||
7 Day CHG~0.00%
Published-29 Dec, 2023 | 03:39
Updated-27 Nov, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.

Action-Not Available
Vendor-Honor Device Co., Ltd.
Product-magic_uiMagic UI
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-37925
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.08%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 01:30
Updated-02 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nwa210ax_firmwarewax620d-6e_firmwarewac500hvpn100nwa220ax-6e_firmwareatp100nwa50ax_firmwareusg_flex_200wac500h_firmwareusg_flex_100nwa210axnwa50ax-proatp100wnwa50axwax640s-6e_firmwarewax610datp200atp700nwa1123acv3wax620d-6ewbe660snwa110ax_firmwareusg_flex_700vpn50wvpn300nwa55axeusg_flex_100wwac500nwa90ax-prowax510d_firmwarezldwax630s_firmwarewac500_firmwarewax655eusg_20w-vpnnwa90ax_firmwarewax640s-6ewbe660s_firmwareatp800vpn50nwa90ax-pro_firmwarenwa90axusg_flex_50wwax510dwax650s_firmwareatp500wax655e_firmwarenwa50ax-pro_firmwarewax610d_firmwarevpn1000wax630snwa110axnwa220ax-6ewax650snwa1123acv3_firmwareusg_flex_500usg_flex_50nwa55axe_firmwareUSG FLEX 50(W) series firmwareATP series firmwareWAC500 firmwareVPN series firmwareNWA50AX firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmwareWBE660S firmwareWAX300H firmware
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-51433
Matching Score-4
Assigner-Honor Device Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Honor Device Co., Ltd.
CVSS Score-2.9||LOW
EPSS-0.12% / 30.79%
||
7 Day CHG~0.00%
Published-29 Dec, 2023 | 03:47
Updated-02 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.

Action-Not Available
Vendor-Honor Device Co., Ltd.
Product-magic_uiMagic UI
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-51429
Matching Score-4
Assigner-Honor Device Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Honor Device Co., Ltd.
CVSS Score-6||MEDIUM
EPSS-0.06% / 19.76%
||
7 Day CHG~0.00%
Published-29 Dec, 2023 | 03:36
Updated-09 Sep, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.

Action-Not Available
Vendor-Honor Device Co., Ltd.
Product-magic_osMagic OS
CWE ID-CWE-269
Improper Privilege Management
  • Previous
  • 1
  • 2
  • Next
Details not found