CVE-2024-41139

July 29, 2024, 2:12 p.m.

None
No Score

Description

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege.

Product(s) Impacted

Product Versions
SKYSEA Client View
  • ['6.010.06', '19.210.04e']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://jvn.jp/en/jp/JVN84326763/
https://www.skyseaclientview.net/news/240729_02/

Tags

vultures@jpcert.or.jp
2024-07-29
CVE-2024-41139

Timeline

Published: July 29, 2024, 9:15 a.m.
Last Modified: July 29, 2024, 2:12 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.