From a3cdfac90802fd63e4d6c0caab0d36287cd8ce71 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Feb 2024 19:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/21xxx/CVE-2023-21165.json | 53 ++++++++++++++++++-- 2023/40xxx/CVE-2023-40085.json | 66 ++++++++++++++++++++++-- 2024/0xxx/CVE-2024-0015.json | 70 ++++++++++++++++++++++++-- 2024/1xxx/CVE-2024-1591.json | 80 ++++++++++++++++++++++++++++-- 2024/21xxx/CVE-2024-21915.json | 91 ++++++++++++++++++++++++++++++++-- 5 files changed, 340 insertions(+), 20 deletions(-) diff --git a/2023/21xxx/CVE-2023-21165.json b/2023/21xxx/CVE-2023-21165.json index 59af5a92c51..ea2b981647b 100644 --- a/2023/21xxx/CVE-2023-21165.json +++ b/2023/21xxx/CVE-2023-21165.json @@ -1,17 +1,62 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-21165", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": " In DevmemIntUnmapPMR of devicemem_server.c, there is a possible arbitrary\n code execution due to a use after free. This could lead to local escalation\n of privilege in the kernel with no additional execution privileges needed.\n User interaction is not needed for exploitation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Android SoC" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://source.android.com/security/bulletin/2024-01-01", + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2024-01-01" } ] } diff --git a/2023/40xxx/CVE-2023-40085.json b/2023/40xxx/CVE-2023-40085.json index ecd34e7acb7..d52fa0217f0 100644 --- a/2023/40xxx/CVE-2023-40085.json +++ b/2023/40xxx/CVE-2023-40085.json @@ -1,17 +1,75 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40085", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13" + }, + { + "version_affected": "=", + "version_value": "12L" + }, + { + "version_affected": "=", + "version_value": "12" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/ed6ee1f7eca7b33160e36ac6d730a9ef395ca4f1", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/ed6ee1f7eca7b33160e36ac6d730a9ef395ca4f1" + }, + { + "url": "https://source.android.com/security/bulletin/2024-01-01", + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2024-01-01" } ] } diff --git a/2024/0xxx/CVE-2024-0015.json b/2024/0xxx/CVE-2024-0015.json index 5dec008f60f..484f14e7ddc 100644 --- a/2024/0xxx/CVE-2024-0015.json +++ b/2024/0xxx/CVE-2024-0015.json @@ -1,17 +1,79 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0015", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "13" + }, + { + "version_affected": "=", + "version_value": "12L" + }, + { + "version_affected": "=", + "version_value": "12" + }, + { + "version_affected": "=", + "version_value": "11" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70" + }, + { + "url": "https://source.android.com/security/bulletin/2024-01-01", + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2024-01-01" } ] } diff --git a/2024/1xxx/CVE-2024-1591.json b/2024/1xxx/CVE-2024-1591.json index 23d501352c7..21df6a553f1 100644 --- a/2024/1xxx/CVE-2024-1591.json +++ b/2024/1xxx/CVE-2024-1591.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1591", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@beyondtrust.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "BeyondTrust", + "product": { + "product_data": [ + { + "product_name": "Privilege Management for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1", + "version_value": "24.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", + "refsource": "MISC", + "name": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "BT24-02", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/21xxx/CVE-2024-21915.json b/2024/21xxx/CVE-2024-21915.json index 4179e518734..8b526e3f87d 100644 --- a/2024/21xxx/CVE-2024-21915.json +++ b/2024/21xxx/CVE-2024-21915.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-21915", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "PSIRT@rockwellautomation.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\nA privilege escalation vulnerability exists in Rockwell Automation FactoryTalk\u00ae Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732 Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rockwell Automation", + "product": { + "product_data": [ + { + "product_name": "FactoryTalk\u00ae Service Platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "
  • Update to v2.74 or later.
  • \n\n

    Customers using the affected software are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the risk of vulnerability.

    \n\n
    • " + } + ], + "value": " * Update to v2.74 or later.\n * \n\nCustomers using the affected software are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the risk of vulnerability.\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \n\n\n\n\n\n\n\n\n" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] }