CVE-2024-47045
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege chaining issue exists in the installer of e-Tax software(common program). If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| National Tax Agency | The installer of e-Tax software(common program) | All versions distributed on the NTA website before 2024 September 24 | affected |
Weaknesses
- CWE-268: Privilege chaining
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.e-tax.nta.go.jp/topics/2024/topics_20240924_versionup.htm
- https://jvn.jp/en/jp/JVN57749899/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.