admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-11-08 13:00:36 +00:00
parent 987bb2c4f8
commit bb38e7dcc9
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
5 changed files with 342 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
2024/50xxx/CVE-2024-50591.json
View File

@ -1,18 +1,115 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-50591",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker with local access the to medical office computer can \nescalate his Windows user privileges to \"NT AUTHORITY\\SYSTEM\" by \nexploiting a command injection vulnerability in the Elefant Update \nService. The command injection can be exploited by communicating with \nthe Elefant Update Service which is running as \"SYSTEM\" via Windows \nNamed Pipes.The Elefant Software Updater (ESU) consists of two components. An ESU\n service which runs as \"NT AUTHORITY\\SYSTEM\" and an ESU tray client \nwhich communicates with the service to update or repair the installation\n and is running with user permissions. The communication is implemented \nusing named pipes. A crafted message of type \n\"MessageType.SupportServiceInfos\" can be sent to the local ESU service \nto inject commands, which are then executed as \"NT AUTHORITY\\SYSTEM\"."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HASOMED",
"product": {
"product_data": [
{
"product_name": "Elefant Software Updater",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<1.4.2.1811"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/hasomed",
"refsource": "MISC",
"name": "https://r.sec-consult.com/hasomed"
},
{
"url": "https://hasomed.de/produkte/elefant/",
"refsource": "MISC",
"name": "https://hasomed.de/produkte/elefant/"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>While workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor.</p>"
}
],
"value": "While workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>The vendor fixed the issue in version 1.4.2.1811&nbsp;(or higher) of the Elefant Software Updater which can be downloaded from <a target=\"_blank\" rel=\"nofollow\" href=\"https://hasomed.de/produkte/elefant/\">hasomed.de/produkte/elefant/</a> or via the Elefant Software Updater itself.<br></p>"
}
],
"value": "The vendor fixed the issue in version 1.4.2.1811\u00a0(or higher) of the Elefant Software Updater which can be downloaded from hasomed.de/produkte/elefant/ https://hasomed.de/produkte/elefant/ or via the Elefant Software Updater itself."
}
],
"credits": [
{
"lang": "en",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"value": "Florian Stuhlmann, SEC Consult Vulnerability Lab"
}
]
}

107
2024/50xxx/CVE-2024-50592.json
View File

@ -1,18 +1,115 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-50592",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker with local access the to medical office computer can \nescalate his Windows user privileges to \"NT AUTHORITY\\SYSTEM\" by \nexploiting a race condition in the Elefant Update Service during the \nrepair or update process.\u00a0When using the repair function, the service queries the server for a \nlist of files and their hashes. In addition, instructions to execute \nbinaries to finalize the repair process are included.\u00a0The executables are executed as \"NT AUTHORITY\\SYSTEM\" after they are \ncopied over to the user writable installation folder (C:\\Elefant1). This\n means that a user can overwrite either \"PostESUUpdate.exe\" or \n\"Update_OpenJava.exe\" in the time frame after the copy and before the \nexecution of the final repair step. The overwritten executable is then executed as \"NT AUTHORITY\\SYSTEM\"."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"cweId": "CWE-367"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HASOMED",
"product": {
"product_data": [
{
"product_name": "Elefant Software Updater",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<1.4.2.1811"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/hasomed",
"refsource": "MISC",
"name": "https://r.sec-consult.com/hasomed"
},
{
"url": "https://hasomed.de/produkte/elefant/",
"refsource": "MISC",
"name": "https://hasomed.de/produkte/elefant/"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>While workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor.</p>"
}
],
"value": "While workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>The vendor fixed the issue in version 1.4.2.1811 (or higher) of the Elefant Software Updater which can be downloaded from <a target=\"_blank\" rel=\"nofollow\" href=\"https://hasomed.de/produkte/elefant/\">hasomed.de/produkte/elefant/</a> or via the Elefant Software Updater itself.<br></p>"
}
],
"value": "The vendor fixed the issue in version 1.4.2.1811 (or higher) of the Elefant Software Updater which can be downloaded from hasomed.de/produkte/elefant/ https://hasomed.de/produkte/elefant/ or via the Elefant Software Updater itself."
}
],
"credits": [
{
"lang": "en",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"value": "Florian Stuhlmann, SEC Consult Vulnerability Lab"
}
]
}

107
2024/50xxx/CVE-2024-50593.json
View File

@ -1,18 +1,115 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-50593",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-research@sec-consult.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker with local access to the medical office computer can \naccess restricted functions of the Elefant Service tool by using a \nhard-coded \"Hotline\" password in the Elefant service binary, which is shipped with the software."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials",
"cweId": "CWE-798"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HASOMED",
"product": {
"product_data": [
{
"product_name": "Elefant",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<24.03.03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://r.sec-consult.com/hasomed",
"refsource": "MISC",
"name": "https://r.sec-consult.com/hasomed"
},
{
"url": "https://hasomed.de/produkte/elefant/",
"refsource": "MISC",
"name": "https://hasomed.de/produkte/elefant/"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>While workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor.</p>"
}
],
"value": "While workarounds such as modifying the Elefant windows firewall \nrules and manually adjusting file permissions in the installation folder\n are feasible workarounds for some of the vulnerabilities, it is \nrecommended to install the patches provided by the vendor."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>The vendor fixed the issue in version 24.03.03 (or higher) which can be downloaded from <a target=\"_blank\" rel=\"nofollow\" href=\"https://hasomed.de/produkte/elefant/\">hasomed.de/produkte/elefant/</a> or via the Elefant Software Updater.<br></p>"
}
],
"value": "The vendor fixed the issue in version 24.03.03 (or higher) which can be downloaded from hasomed.de/produkte/elefant/ https://hasomed.de/produkte/elefant/ or via the Elefant Software Updater."
}
],
"credits": [
{
"lang": "en",
"value": "Tobias Niemann, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"value": "Daniel Hirschberger, SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"value": "Florian Stuhlmann, SEC Consult Vulnerability Lab"
}
]
}

18
2024/52xxx/CVE-2024-52334.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-52334",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/52xxx/CVE-2024-52335.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-52335",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}