CVE-2023-2331

Published: Apr 27, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Unquoted service Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows application will allows to insert arbitrary code into the service. This issue affects Surelock Windows : from 2.3.12 through 2.40.0.

Affected (1)

Products: 42gears: Surelock

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
42gears Surelock	From 2.3.12 to 2.41.0

Related CWEs

Unquoted Search Path or Element

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

References (3)

https://www.42gears.com/security-and-compliance

Source: security@42gears.com

Not Applicable

https://www.42gears.com/security-and-compliance/42g-2023-001/

Source: nvd@nist.gov

Vendor Advisory

https://www.42gears.com/security-and-compliance

Source: af854a3a-2127-422b-91ae-364da2661108

Not Applicable

Timeline

No history available yet.