Panini Everest Engine 2.0.4

CPE Details

Panini Everest Engine 2.0.4
panini
everest_engine
2.0.4
2022-10-11
12h48 +00:00
2022-11-09
15h47 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:panini:everest_engine:2.0.4:*:*:*:*:*:*:*

Informations

Vendor

panini

Product

everest_engine

Version

2.0.4

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-39959 2022-10-06 22h00 +00:00 Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a Trojan horse %PROGRAMDATA%\Panini\Everest.exe may be executed instead of the intended vendor-supplied EverestEngine.exe file.
7.8
Haute