Search criteria
20 vulnerabilities by jungo
CVE-2023-51776 (GCVE-0-2023-51776)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2025-03-13 19:09
VLAI
Summary
Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T20:35:51.771087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T19:09:16.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:40:36.672Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51776",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2023-12-25T00:00:00.000Z",
"dateUpdated": "2025-03-13T19:09:16.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51777 (GCVE-0-2023-51777)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2024-10-28 01:36
VLAI
Summary
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-05T15:21:05.227409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T01:36:09.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:41:24.936Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51777",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2023-12-25T00:00:00.000Z",
"dateUpdated": "2024-10-28T01:36:09.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25086 (GCVE-0-2024-25086)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2024-08-01 23:36
VLAI
Summary
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jungo:windriver:12.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windriver",
"vendor": "jungo",
"versions": [
{
"lessThan": "12.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T14:39:42.792039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T14:45:40.596Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:46:35.142Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25086",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-01T23:36:21.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22103 (GCVE-0-2024-22103)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2024-08-01 22:35
VLAI
Summary
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windriver",
"vendor": "jungo",
"versions": [
{
"lessThan": "12.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22103",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T18:49:22.001562Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T18:54:12.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:43:45.109Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-22103",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-01T22:35:34.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25088 (GCVE-0-2024-25088)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2024-08-01 23:36
VLAI
Summary
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windriver",
"vendor": "jungo",
"versions": [
{
"lessThan": "12.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25088",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T20:13:12.712262Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T15:40:12.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:48:12.787Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25088",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-01T23:36:21.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51778 (GCVE-0-2023-51778)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2025-03-13 18:32
VLAI
Summary
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-787 - Out-of-bounds Write
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51778",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T15:40:06.299349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T18:32:58.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:42:00.481Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51778",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2023-12-25T00:00:00.000Z",
"dateUpdated": "2025-03-13T18:32:58.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22105 (GCVE-0-2024-22105)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2025-03-13 19:09
VLAI
Summary
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-404 - Improper Resource Shutdown or Release
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22105",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:42:22.254120Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T19:09:13.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:45:08.292Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-22105",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-01-05T00:00:00.000Z",
"dateUpdated": "2025-03-13T19:09:13.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22102 (GCVE-0-2024-22102)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2025-03-18 19:41
VLAI
Summary
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22102",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T15:41:36.140573Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T19:41:52.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:42:59.370Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-22102",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-01-05T00:00:00.000Z",
"dateUpdated": "2025-03-18T19:41:52.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22106 (GCVE-0-2024-22106)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2024-08-01 22:35
VLAI
Summary
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS).
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jungo:windriver:12.5.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windriver",
"vendor": "jungo",
"versions": [
{
"lessThan": "12.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T21:21:41.420629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T21:24:36.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:45:42.511Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-22106",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-01T22:35:34.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22104 (GCVE-0-2024-22104)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2024-08-01 22:35
VLAI
Summary
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jungo:windriver:12.5.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windriver",
"vendor": "jungo",
"versions": [
{
"lessThan": "12.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22104",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T14:47:59.796129Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T14:51:19.389Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:44:29.372Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-22104",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-01T22:35:34.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26314 (GCVE-0-2024-26314)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2025-03-21 20:37
VLAI
Summary
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
32 products
| Vendor | Product | Version | |
|---|---|---|---|
| mitsubishielectric | cpu_module_logging_configuration_tool |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | gx_works2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:gx_works2:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | cw_configurator |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:cw_configurator:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | data_transfer |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:data_transfer:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | ezsocket |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:ezsocket:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | fr_configurator_sw3 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | fr_configurator2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:fr_configurator2:-:*:*:*:*:*:*:* |
|
| iconics | genesis64 |
Affected:
0 , < *
(custom)
cpe:2.3:a:iconics:genesis64:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | gt_designer3 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:gt_designer3:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | gt_softgot1000 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:gt_softgot1000:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | gt_softgot2000 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:gt_softgot2000:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | gx_developer |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:gx_developer:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | gx_logviewer |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:gx_logviewer:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | gx_works3 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:gx_works3:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsoft_navigator |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:melsoft_navigator:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | mi_configurator |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:mi_configurator:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | fcsb1224 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:fcsb1224:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | mr_configurator2 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:mr_configurator2:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | mrzjw3-mc2-utl |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | mx_component |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:mx_component:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | mx_opc_server_da\/ua |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:mx_opc_server_da\/ua:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | px_developer |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:px_developer:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | rt_toolbox3 |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:rt_toolbox3:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | rt_visualbox |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:rt_visualbox:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | c_controller_module_setting_and_monitoring_tool |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:c_controller_module_setting_and_monitoring_tool:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | sw0dnc-mneth-b |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | sw1dnc-ccbd2-b |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | sw1dnc-ccief-j |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | sw1dnc-ccief-b |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | sw1dnc-mnetg-b |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:sw1dnc-mnetg-b:*:*:*:*:*:*:*:* |
|
| mitsubishielectric | sw1dnc-qsccf-b |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | sw1dnd-emsdk-b |
Affected:
0 , < *
(custom)
cpe:2.3:a:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cpu_module_logging_configuration_tool",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gx_works2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gx_works2",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:cw_configurator:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cw_configurator",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:data_transfer:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "data_transfer",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:ezsocket:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ezsocket",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fr_configurator_sw3",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:fr_configurator2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fr_configurator2",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:iconics:genesis64:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "genesis64",
"vendor": "iconics",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gt_designer3:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gt_designer3",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gt_softgot1000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gt_softgot1000",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gt_softgot2000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gt_softgot2000",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gx_developer:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gx_developer",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gx_logviewer:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gx_logviewer",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gx_works2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gx_works2",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:gx_works3:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gx_works3",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:melsoft_navigator:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsoft_navigator",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:mi_configurator:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mi_configurator",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:fcsb1224:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fcsb1224",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:mr_configurator2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mr_configurator2",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mrzjw3-mc2-utl",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:mx_component:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx_component",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:mx_opc_server_da\\/ua:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx_opc_server_da\\/ua",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:px_developer:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "px_developer",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:rt_toolbox3:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt_toolbox3",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:rt_visualbox:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt_visualbox",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:c_controller_module_setting_and_monitoring_tool:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "c_controller_module_setting_and_monitoring_tool",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw0dnc-mneth-b",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw1dnc-ccbd2-b",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw1dnc-ccief-j",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw1dnc-ccief-b",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:sw1dnc-mnetg-b:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw1dnc-mnetg-b",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw1dnc-qsccf-b",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sw1dnd-emsdk-b",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26314",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T16:03:22.624752Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T20:37:15.710Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:07:19.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:39:18.038Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-26314",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-02-19T00:00:00.000Z",
"dateUpdated": "2025-03-21T20:37:15.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25087 (GCVE-0-2024-25087)
Vulnerability from cvelistv5 – Published: 2024-07-02 00:00 – Updated: 2025-03-14 15:37
VLAI
Summary
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-404 - Improper Resource Shutdown or Release
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25087",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:41:50.366484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T15:37:11.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jungo.com/windriver/versions/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:47:33.372Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jungo.com/windriver/versions/"
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25087",
"datePublished": "2024-07-02T00:00:00.000Z",
"dateReserved": "2024-02-04T00:00:00.000Z",
"dateUpdated": "2025-03-14T15:37:11.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10072 (GCVE-0-2018-10072)
Vulnerability from cvelistv5 – Published: 2018-04-12 18:00 – Updated: 2024-09-16 20:07
VLAI
Summary
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953827bf DeviceIoControl call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/bigric3/windrvr1260_poc3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:32:00.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigric3/windrvr1260_poc3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953827bf DeviceIoControl call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigric3/windrvr1260_poc3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953827bf DeviceIoControl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/bigric3/windrvr1260_poc3",
"refsource": "MISC",
"url": "https://github.com/bigric3/windrvr1260_poc3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10072",
"datePublished": "2018-04-12T18:00:00.000Z",
"dateReserved": "2018-04-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:07:06.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10071 (GCVE-0-2018-10071)
Vulnerability from cvelistv5 – Published: 2018-04-12 18:00 – Updated: 2024-09-17 01:10
VLAI
Summary
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953826DB DeviceIoControl call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/bigric3/windrvr1260_poc4 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:32:00.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigric3/windrvr1260_poc4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953826DB DeviceIoControl call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigric3/windrvr1260_poc4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953826DB DeviceIoControl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/bigric3/windrvr1260_poc4",
"refsource": "MISC",
"url": "https://github.com/bigric3/windrvr1260_poc4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10071",
"datePublished": "2018-04-12T18:00:00.000Z",
"dateReserved": "2018-04-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:10:47.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9136 (GCVE-0-2018-9136)
Vulnerability from cvelistv5 – Published: 2018-03-30 08:00 – Updated: 2024-08-05 07:17
VLAI
Summary
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/bigric3/poc2 | x_refsource_MISC |
Date Public
2018-03-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigric3/poc2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-30T07:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigric3/poc2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/bigric3/poc2",
"refsource": "MISC",
"url": "https://github.com/bigric3/poc2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9136",
"datePublished": "2018-03-30T08:00:00.000Z",
"dateReserved": "2018-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:17:51.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8821 (GCVE-0-2018-8821)
Vulnerability from cvelistv5 – Published: 2018-03-20 07:00 – Updated: 2024-08-05 07:02
VLAI
Summary
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/bigric3/poc | x_refsource_MISC |
Date Public
2018-03-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:26.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigric3/poc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-20T06:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigric3/poc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/bigric3/poc",
"refsource": "MISC",
"url": "https://github.com/bigric3/poc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-8821",
"datePublished": "2018-03-20T07:00:00.000Z",
"dateReserved": "2018-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:02:26.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5189 (GCVE-0-2018-5189)
Vulnerability from cvelistv5 – Published: 2018-01-11 16:00 – Updated: 2024-08-05 05:26
VLAI
Summary
Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.fidusinfosec.com/jungo-windriver-code… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/43494/ | exploitx_refsource_EXPLOIT-DB |
Date Public
2018-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:26:47.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fidusinfosec.com/jungo-windriver-code-execution-cve-2018-5189/"
},
{
"name": "43494",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43494/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a \"double fetch\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-12T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fidusinfosec.com/jungo-windriver-code-execution-cve-2018-5189/"
},
{
"name": "43494",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43494/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-5189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a \"double fetch\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fidusinfosec.com/jungo-windriver-code-execution-cve-2018-5189/",
"refsource": "MISC",
"url": "https://www.fidusinfosec.com/jungo-windriver-code-execution-cve-2018-5189/"
},
{
"name": "43494",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43494/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-5189",
"datePublished": "2018-01-11T16:00:00.000Z",
"dateReserved": "2018-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T05:26:47.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14344 (GCVE-0-2017-14344)
Vulnerability from cvelistv5 – Published: 2017-09-12 18:00 – Updated: 2024-08-05 19:20
VLAI
Summary
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x95382673 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/42665/ | exploitx_refsource_EXPLOIT-DB |
| http://srcincite.io/advisories/src-2017-0027/ | x_refsource_MISC |
Date Public
2017-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:20:41.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42665",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42665/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://srcincite.io/advisories/src-2017-0027/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x95382673 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-14T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42665",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42665/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://srcincite.io/advisories/src-2017-0027/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x95382673 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42665",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42665/"
},
{
"name": "http://srcincite.io/advisories/src-2017-0027/",
"refsource": "MISC",
"url": "http://srcincite.io/advisories/src-2017-0027/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14344",
"datePublished": "2017-09-12T18:00:00.000Z",
"dateReserved": "2017-09-12T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:20:41.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14075 (GCVE-0-2017-14075)
Vulnerability from cvelistv5 – Published: 2017-09-11 17:00 – Updated: 2024-08-05 19:13
VLAI
Summary
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://packetstormsecurity.com/files/144045/Jungo… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/42625/ | exploitx_refsource_EXPLOIT-DB |
Date Public
2017-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:13:41.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html"
},
{
"name": "42625",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42625/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-11T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html"
},
{
"name": "42625",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42625/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14075",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html"
},
{
"name": "42625",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42625/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14075",
"datePublished": "2017-09-11T17:00:00.000Z",
"dateReserved": "2017-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:13:41.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14153 (GCVE-0-2017-14153)
Vulnerability from cvelistv5 – Published: 2017-09-11 17:00 – Updated: 2024-08-05 19:20
VLAI
Summary
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/42624/ | exploitx_refsource_EXPLOIT-DB |
| http://packetstormsecurity.com/files/144046/Jungo… | x_refsource_MISC |
Date Public
2017-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:20:40.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42624",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42624/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/144046/Jungo-DriverWizard-WinDrive-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-11T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42624",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42624/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/144046/Jungo-DriverWizard-WinDrive-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42624",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42624/"
},
{
"name": "http://packetstormsecurity.com/files/144046/Jungo-DriverWizard-WinDrive-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/144046/Jungo-DriverWizard-WinDrive-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14153",
"datePublished": "2017-09-11T17:00:00.000Z",
"dateReserved": "2017-09-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:20:40.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}