Vulnerabilities (CVE)

Filtered by vendor Cchgroup Subscribe
Filtered by product Prosystem Fx Engagement
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-9113 1 Cchgroup 1 Prosystem Fx Engagement 2024-11-21 7.2 HIGH N/A
CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 and earlier uses weak permissions (Authenticated Users: Modify and Write) for the (1) Pfx.Engagement.WcfServices, (2) PFXEngDesktopService, (3) PFXSYNPFTService, and (4) P2EWinService service files in PFX Engagement\, which allows local users to obtain LocalSystem privileges via a Trojan horse file.