CVE-2024-7062
CVSS V2 None
CVSS V3 None
Description
Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client’s authorization before executing an operation. Consequently, it is possible to execute system-level commands as the root user, such as changing permissions and ownership, obtaining a handle (file descriptor) of an arbitrary file, and terminating processes, among other operations.
Overview
- CVE ID
- CVE-2024-7062
- Assigner
- Pentraze
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-26T11:26:31.720Z
- Last Modified Date
- 2024-07-26T11:26:31.720Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://pentraze.com/vulnerability-reports/CVE-2024-7062/ |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-7062 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7062 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-27 13:03:01 | Added to TrackCVE |