CVE-2022-23862

A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authentication and was running under the "NT Authority\System" user, an attacker is able to use the vulnerability to execute arbitrary code and elevate to the system user.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ysoft:safeq:6.0:build53:*:*:*:*:*:*

History

30 Oct 2024, 21:21

Type Values Removed Values Added
References () https://github.com/mbadanoiu/CVE-2022-23862 - () https://github.com/mbadanoiu/CVE-2022-23862 - Exploit, Third Party Advisory
References () https://github.com/mbadanoiu/CVE-2022-23862/blob/main/SafeQ%20-%20CVE-2022-23862.pdf - () https://github.com/mbadanoiu/CVE-2022-23862/blob/main/SafeQ%20-%20CVE-2022-23862.pdf - Exploit
References () https://ysoft.com - () https://ysoft.com - Product
CPE cpe:2.3:a:ysoft:safeq:6.0:build53:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 8.4
v2 : unknown
v3 : 7.8
First Time Ysoft safeq
Ysoft

23 Oct 2024, 15:12

Type Values Removed Values Added
Summary
  • (es) Se descubrió un problema de escalada de privilegios locales en Y Soft SAFEQ 6 Build 53. El servicio JMX de SafeQ que se ejecuta en el puerto 9696 es vulnerable a ataques JMX MLet. Debido a que el servicio no aplicaba la autenticación y se ejecutaba bajo el usuario "NT Authority\System", un atacante puede usar la vulnerabilidad para ejecutar código arbitrario y ascender al usuario del sistema.

22 Oct 2024, 19:35

Type Values Removed Values Added
CWE CWE-306
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.4

22 Oct 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-22 16:15

Updated : 2024-10-30 21:21


NVD link : CVE-2022-23862

Mitre link : CVE-2022-23862

CVE.ORG link : CVE-2022-23862


JSON object : View

Products Affected

ysoft

  • safeq
CWE
CWE-306

Missing Authentication for Critical Function