CVE-2024-25029

CVSS V2 None CVSS V3 None
Description
IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). The vulnerability allows any unprivileged user with network access to a target computer to run commands with full privileges in the context of NT AUTHORITY\SYSTEM. This allows for a low privileged attacker to move laterally to affected systems and to escalate their privileges. IBM X-Force ID: 281619.
Overview
  • CVE ID
  • CVE-2024-25029
  • Assigner
  • ibm
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-04-06T11:51:45.548Z
  • Last Modified Date
  • 2024-06-19T22:10:54.453Z
History
Created Old Value New Value Data Type Notes
2024-06-26 13:02:37 Added to TrackCVE