CVE-2023-38557 (spectrum_power_7) | allinfosecnews.com

Sept. 14, 2023, 11:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

access access rights arbitrary code attacker code cve inject local power privileges product rights script spectrum update vulnerability

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Cryptography Software Developer

@ Intel | USA - AZ - Chandler

View on infosec-jobs.com

Lead Consultant, Geology

@ WSP | Richmond, VA, United States

View on infosec-jobs.com

BISO Cybersecurity Director

@ ABM Industries | Alpharetta, GA, United States

View on infosec-jobs.com

TTECH Analista de ciberseguridad

@ Telefónica | LIMA, PE

View on infosec-jobs.com

TRANSCOM IGC - Cloud Security Engineer

@ IT Partners, Inc | St. Louis, Missouri, United States

View on infosec-jobs.com

Sr Cyber Threat Hunt Researcher

@ Peraton | Beltsville, MD, United States

View on infosec-jobs.com