Windriver
CVE-2024-26314
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.
AnalysisAI
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. Affected products include: Jungo Windriver, Mitsubishielectric Cpu Module Logging Configuration Tool, Mitsubishielectric Cw Configurator, Mitsubishielectric Data Transfer, Mitsubishielectric Data Transfer Classic. Version information: through 16.1.0.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. Rated high sever
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. Rated high sever
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. Rated high sever
Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain syste
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x9538
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x9538
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafte
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafte
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute ar
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue sc
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today