CVE-2024-31201

A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on the local machine.
Configurations

Configuration 1 (hide)

cpe:2.3:a:proges:thermoscan_ip:20211103:*:*:*:*:*:*:*

History

12 Aug 2024, 18:46

Type Values Removed Values Added
References () https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31201 - () https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31201 - Third Party Advisory
CPE cpe:2.3:a:proges:thermoscan_ip:20211103:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 6.5
v2 : unknown
v3 : 6.7
First Time Proges thermoscan Ip
Proges

01 Aug 2024, 12:42

Type Values Removed Values Added
Summary
  • (es) Un "CWE-428: Ruta o elemento de búsqueda sin comillas" afecta al servicio ThermoscanIP_Scrutation. Se podría abusar de esta mala configuración en escenarios donde se asignaron permisos incorrectos a la ruta C:\ para intentar una escalada de privilegios en la máquina local.

31 Jul 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-31 14:15

Updated : 2024-08-12 18:46


NVD link : CVE-2024-31201

Mitre link : CVE-2024-31201

CVE.ORG link : CVE-2024-31201


JSON object : View

Products Affected

proges

  • thermoscan_ip
CWE
CWE-428

Unquoted Search Path or Element