CVE-2024-41139

Summary

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege.

Affected Software

VendorProductVersion RangeStatus
Sky Co.,LTD.SKYSEA Client ViewVer.6.010.06 to Ver.19.210.04eaffected

Weaknesses

  • Incorrect privilege assignment

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References