CVE-2024-24964

Published: Mar 12, 2024Modified: May 23, 2025

6.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Exploitability: 2.8 / Impact: 3.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed.

Affected (1)

Products: Skygroup: Skysea Client View

1 product

Skysea Client View

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Skygroup Skysea Client View	From 11.220.05p to 19.101.01a

References (4)

https://jvn.jp/en/jp/JVN54451757/

Source: vultures@jpcert.or.jp

Third Party Advisory

https://www.skyseaclientview.net/news/240307_01/

Source: vultures@jpcert.or.jp

Vendor Advisory

https://jvn.jp/en/jp/JVN54451757/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.skyseaclientview.net/news/240307_01/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.