CVE-2023-28123
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A permission misconfiguration in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | UI Desktop for Windows | Fixed on Version 0.62.3 or later. | affected |
Weaknesses
- CWE-732: Incorrect Permission Assignment for Critical Resource (CWE-732)
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.