CVE-2018-17493

Summary

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other processes on the system.

Affected Software

VendorProductVersion RangeStatus
VisitorPasseVisitorPass1.5.5.2affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References