Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
7 vulnerabilities by portrait
CVE-2025-53919 (GCVE-0-2025-53919)
Vulnerability from nvd – Published: 2025-12-17 00:00 – Updated: 2025-12-17 19:37- n/a
- CWE-276 - Incorrect Default Permissions
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53919",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T19:34:24.155338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T19:37:11.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this, leading to elevation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:23:11.840Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://portrait.com/dell"
},
{
"url": "https://www.portrait.com/dell-security-cve-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-53919",
"datePublished": "2025-12-17T00:00:00.000Z",
"dateReserved": "2025-07-14T00:00:00.000Z",
"dateUpdated": "2025-12-17T19:37:11.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53398 (GCVE-0-2025-53398)
Vulnerability from nvd – Published: 2025-12-17 00:00 – Updated: 2025-12-18 18:54- n/a
- CWE-276 - Incorrect Default Permissions
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53398",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T16:01:34.671673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T18:54:20.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Portrait Dell Color Management application 3.3.8 for Dell monitors has Insecure Permissions,"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:22:09.213Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.portrait.com/dell/"
},
{
"url": "https://www.portrait.com/dell-security-cve-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-53398",
"datePublished": "2025-12-17T00:00:00.000Z",
"dateReserved": "2025-06-29T00:00:00.000Z",
"dateUpdated": "2025-12-18T18:54:20.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2017-3210 (GCVE-0-2017-3210)
Vulnerability from nvd – Published: 2018-07-24 15:00 – Updated: 2024-08-05 14:16| URL | Tags |
|---|---|
| https://www.securityfocus.com/bid/98006 | vdb-entryx_refsource_BID |
| https://www.kb.cert.org/vuls/id/219739 | third-party-advisoryx_refsource_CERT-VN |
| Vendor | Product | Version | |
|---|---|---|---|
| Portrait Display | SDK |
Affected:
2.30 , < 2.34*
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98006",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/98006"
},
{
"name": "VU#219739",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/219739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SDK",
"vendor": "Portrait Display",
"versions": [
{
"lessThan": "2.34*",
"status": "affected",
"version": "2.30",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-04-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-24T14:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "98006",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/98006"
},
{
"name": "VU#219739",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/219739"
}
],
"solutions": [
{
"lang": "en",
"value": "Thanks to Werner Schober of SEC Consult for reporting this vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-3210",
"STATE": "PUBLIC",
"TITLE": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SDK",
"version": {
"version_data": [
{
"affected": "\u003e",
"version_affected": "\u003e",
"version_name": "2.34",
"version_value": "2.30"
}
]
}
}
]
},
"vendor_name": "Portrait Display"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98006",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/98006"
},
{
"name": "VU#219739",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/219739"
}
]
},
"solution": [
{
"lang": "en",
"value": "Thanks to Werner Schober of SEC Consult for reporting this vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-3210",
"datePublished": "2018-07-24T15:00:00.000Z",
"dateReserved": "2016-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:16:28.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53919 (GCVE-0-2025-53919)
Vulnerability from cvelistv5 – Published: 2025-12-17 00:00 – Updated: 2025-12-17 19:37- n/a
- CWE-276 - Incorrect Default Permissions
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53919",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T19:34:24.155338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T19:37:11.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this, leading to elevation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:23:11.840Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://portrait.com/dell"
},
{
"url": "https://www.portrait.com/dell-security-cve-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-53919",
"datePublished": "2025-12-17T00:00:00.000Z",
"dateReserved": "2025-07-14T00:00:00.000Z",
"dateUpdated": "2025-12-17T19:37:11.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53398 (GCVE-0-2025-53398)
Vulnerability from cvelistv5 – Published: 2025-12-17 00:00 – Updated: 2025-12-18 18:54- n/a
- CWE-276 - Incorrect Default Permissions
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53398",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T16:01:34.671673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T18:54:20.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Portrait Dell Color Management application 3.3.8 for Dell monitors has Insecure Permissions,"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:22:09.213Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.portrait.com/dell/"
},
{
"url": "https://www.portrait.com/dell-security-cve-updates/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-53398",
"datePublished": "2025-12-17T00:00:00.000Z",
"dateReserved": "2025-06-29T00:00:00.000Z",
"dateUpdated": "2025-12-18T18:54:20.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2017-3210 (GCVE-0-2017-3210)
Vulnerability from cvelistv5 – Published: 2018-07-24 15:00 – Updated: 2024-08-05 14:16| URL | Tags |
|---|---|
| https://www.securityfocus.com/bid/98006 | vdb-entryx_refsource_BID |
| https://www.kb.cert.org/vuls/id/219739 | third-party-advisoryx_refsource_CERT-VN |
| Vendor | Product | Version | |
|---|---|---|---|
| Portrait Display | SDK |
Affected:
2.30 , < 2.34*
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98006",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/98006"
},
{
"name": "VU#219739",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/219739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SDK",
"vendor": "Portrait Display",
"versions": [
{
"lessThan": "2.34*",
"status": "affected",
"version": "2.30",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-04-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-24T14:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "98006",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/98006"
},
{
"name": "VU#219739",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/219739"
}
],
"solutions": [
{
"lang": "en",
"value": "Thanks to Werner Schober of SEC Consult for reporting this vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-3210",
"STATE": "PUBLIC",
"TITLE": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SDK",
"version": {
"version_data": [
{
"affected": "\u003e",
"version_affected": "\u003e",
"version_name": "2.34",
"version_value": "2.30"
}
]
}
}
]
},
"vendor_name": "Portrait Display"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98006",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/98006"
},
{
"name": "VU#219739",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/219739"
}
]
},
"solution": [
{
"lang": "en",
"value": "Thanks to Werner Schober of SEC Consult for reporting this vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-3210",
"datePublished": "2018-07-24T15:00:00.000Z",
"dateReserved": "2016-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:16:28.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201807-0265
Vulnerability from variot - Updated: 2023-12-18 12:28Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26. this SDK In multiple applications created using Authenticated Users It was reported that it can be changed with the authority of. Portrait Displays SDK is prone to a local privilege-escalation vulnerability. Portrait Display SDK 2.30 through 2.34 are vulnerable. Portrait Displays is a scalable platform supporting all display technologies and embedded control platforms for displays
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-0265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "displayview click",
"scope": "eq",
"trust": 2.1,
"vendor": "fujitsu",
"version": "6.01"
},
{
"model": "displayview click",
"scope": "eq",
"trust": 2.1,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "smart control premium",
"scope": "eq",
"trust": 1.9,
"vendor": "philips",
"version": "2.25"
},
{
"model": "smart control premium",
"scope": "eq",
"trust": 1.3,
"vendor": "philips",
"version": "2.23"
},
{
"model": "my display",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "display assistant",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "display sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "portrait",
"version": "2.34"
},
{
"model": "displayview click suite",
"scope": "eq",
"trust": 1.0,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "display sdk",
"scope": "gte",
"trust": 1.0,
"vendor": "portrait",
"version": "2.30"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "portrait displays",
"version": null
},
{
"model": "smart control premium",
"scope": "eq",
"trust": 0.8,
"vendor": "koninklijke philips n v",
"version": "2.23"
},
{
"model": "smart control premium",
"scope": "eq",
"trust": 0.8,
"vendor": "koninklijke philips n v",
"version": "2.25"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "portrait displays",
"version": "2.30 to 2.34"
},
{
"model": "hp display assistant",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.1"
},
{
"model": "hp my display",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.0"
},
{
"model": "displayview click",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "suite 5"
},
{
"model": "displays sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "portrait",
"version": "2.34"
},
{
"model": "displays sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "portrait",
"version": "2.30"
},
{
"model": "displayview click suite",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5"
},
{
"model": "smart control premium",
"scope": "ne",
"trust": 0.3,
"vendor": "philips",
"version": "2.26"
},
{
"model": "my display",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "display assistant",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.11"
},
{
"model": "displayview click suite",
"scope": "ne",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.9"
},
{
"model": "displayview click",
"scope": "ne",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#219739"
},
{
"db": "BID",
"id": "98006"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:portrait:portrait_display_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.34",
"versionStartIncluding": "2.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:fujitsu:displayview_click:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fujitsu:displayview_click_suite:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fujitsu:displayview_click:6.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:display_assistant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:my_display:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:philips:smart_control_premium:2.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:philips:smart_control_premium:2.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3210"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Werner Schober of SEC Consult",
"sources": [
{
"db": "BID",
"id": "98006"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
],
"trust": 0.9
},
"cve": "CVE-2017-3210",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 1.5,
"exploitability": "NOT DEFINED",
"exploitabilityScore": 3.1,
"id": "CVE-2017-3210",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "LOW",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2017-002744",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-111413",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-002744",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3210",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-3210",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2017-002744",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-1417",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-111413",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#219739"
},
{
"db": "VULHUB",
"id": "VHN-111413"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26. this SDK In multiple applications created using Authenticated Users It was reported that it can be changed with the authority of. Portrait Displays SDK is prone to a local privilege-escalation vulnerability. \nPortrait Display SDK 2.30 through 2.34 are vulnerable. Portrait Displays is a scalable platform supporting all display technologies and embedded control platforms for displays",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"db": "CERT/CC",
"id": "VU#219739"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "BID",
"id": "98006"
},
{
"db": "VULHUB",
"id": "VHN-111413"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-111413",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111413"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3210",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#219739",
"trust": 3.6
},
{
"db": "BID",
"id": "98006",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU96080594",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417",
"trust": 0.7
},
{
"db": "TENABLE",
"id": "TNS-2017-10",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "142312",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-111413",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#219739"
},
{
"db": "VULHUB",
"id": "VHN-111413"
},
{
"db": "BID",
"id": "98006"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"id": "VAR-201807-0265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-111413"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:28:53.384000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u5bcc\u58eb\u901a\u682a\u5f0f\u4f1a\u793e \u306e\u544a\u77e5\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://support.ts.fujitsu.com/content/quicksearchresult.asp?lng=com\u0026q=displayview+click"
},
{
"title": "Security Update!",
"trust": 0.8,
"url": "http://www.portrait.com/securityupdate.html"
},
{
"title": "Portrait Displays SDK Fixes for permission permissions and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=69668"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-16",
"trust": 1.1
},
{
"problemtype": "CWE-276",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111413"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "NVD",
"id": "CVE-2017-3210"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://www.kb.cert.org/vuls/id/219739"
},
{
"trust": 1.7,
"url": "https://www.securityfocus.com/bid/98006"
},
{
"trust": 1.1,
"url": "http://www.portrait.com/securityupdate.html"
},
{
"trust": 1.1,
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170425-0_portrait_displays_sdk_privilege_escalation_v10.txt"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/en/vulnerability-lab/advisories.htm"
},
{
"trust": 0.8,
"url": "http://blog.sec-consult.com/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3210"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96080594/index.html"
},
{
"trust": 0.8,
"url": "http://blog.sec-consult.com/2017/04/what-unites-hp-philips-and-fujitsu-one.html"
},
{
"trust": 0.3,
"url": "http://www.tenable.com/products/nessus"
},
{
"trust": 0.3,
"url": "https://www.tenable.com/security/tns-2017-10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#219739"
},
{
"db": "VULHUB",
"id": "VHN-111413"
},
{
"db": "BID",
"id": "98006"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#219739"
},
{
"db": "VULHUB",
"id": "VHN-111413"
},
{
"db": "BID",
"id": "98006"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-25T00:00:00",
"db": "CERT/CC",
"id": "VU#219739"
},
{
"date": "2018-07-24T00:00:00",
"db": "VULHUB",
"id": "VHN-111413"
},
{
"date": "2017-04-25T00:00:00",
"db": "BID",
"id": "98006"
},
{
"date": "2017-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"date": "2018-07-24T15:29:00.733000",
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"date": "2017-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-25T00:00:00",
"db": "CERT/CC",
"id": "VU#219739"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-111413"
},
{
"date": "2017-05-02T03:09:00",
"db": "BID",
"id": "98006"
},
{
"date": "2017-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002744"
},
{
"date": "2019-10-09T23:27:23.587000",
"db": "NVD",
"id": "CVE-2017-3210"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "98006"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Portrait Displays SDK applications are vulnerable to arbitrary code execution and privilege escalation",
"sources": [
{
"db": "CERT/CC",
"id": "VU#219739"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "98006"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1417"
}
],
"trust": 0.9
}
}