Search criteria
7 vulnerabilities by Kioware
CVE-2024-3461 (GCVE-0-2024-3461)
Vulnerability from cvelistv5 – Published: 2024-05-09 10:14 – Updated: 2024-08-01 20:12
VLAI?
Summary
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.
Severity ?
6.2 (Medium)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Credits
Maksymilian Kubiak [Afine Team]
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3461",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:33:48.786983Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:31:20.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.kioware.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Kioware",
"vendor": "Kioware",
"versions": [
{
"lessThanOrEqual": "8.35",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maksymilian Kubiak [Afine Team]"
}
],
"datePublic": "2024-05-09T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eKioWare for Windows (versions all \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough 8.35)\u003c/span\u003e\u0026nbsp;allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.\u003cbr\u003e\u003c/span\u003e"
}
],
"value": "KioWare for Windows (versions all through 8.35)\u00a0allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-09T10:14:11.615Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"product"
],
"url": "https://www.kioware.com/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-3461",
"datePublished": "2024-05-09T10:14:11.615Z",
"dateReserved": "2024-04-08T10:30:36.633Z",
"dateUpdated": "2024-08-01T20:12:07.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3460 (GCVE-0-2024-3460)
Vulnerability from cvelistv5 – Published: 2024-05-09 10:13 – Updated: 2024-08-01 20:12
VLAI?
Summary
In KioWare for Windows (versions all through 8.34) it is possible to exit this software and use other already opened applications utilizing a short time window before the forced automatic logout occurs. Then, by using some built-in function of these applications, one may launch any other programs.
In order to exploit this vulnerability external applications must be left running when the KioWare software is launched. Additionally, an attacker must know the PIN set for this Kioware instance and also slow down the application with some specific task which extends the usable time window.
Severity ?
7.4 (High)
CWE
- CWE-424 - Improper Protection of Alternate Path
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Credits
Maksymilian Kubiak [Afine Team]
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:kioware:kioware:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unaffected",
"product": "kioware",
"vendor": "kioware",
"versions": [
{
"lessThanOrEqual": "8.34",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3460",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-25T18:34:33.771027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T18:35:51.313Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.kioware.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Kioware",
"vendor": "Kioware",
"versions": [
{
"lessThanOrEqual": "8.34",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maksymilian Kubiak [Afine Team]"
}
],
"datePublic": "2024-05-09T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn KioWare for Windows (versions all \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough 8.34)\u003c/span\u003e\u0026nbsp;it is possible to exit this software\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand use other already opened applications utilizing a short time window before the forced automatic logout occurs. Then, by using some built-in function of these applications, one may launch any other programs.\u0026nbsp;\u003cbr\u003eIn order to exploit this vulnerability external applications must be left running when the KioWare software is launched. Additionally, an attacker must know\u0026nbsp;\u003c/span\u003ethe PIN set for this Kioware instance and also slow down the application with some specific task which extends the usable time window.\u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "In KioWare for Windows (versions all through 8.34)\u00a0it is possible to exit this software\u00a0and use other already opened applications utilizing a short time window before the forced automatic logout occurs. Then, by using some built-in function of these applications, one may launch any other programs.\u00a0\nIn order to exploit this vulnerability external applications must be left running when the KioWare software is launched. Additionally, an attacker must know\u00a0the PIN set for this Kioware instance and also slow down the application with some specific task which extends the usable time window.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-424",
"description": "CWE-424 Improper Protection of Alternate Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-09T10:14:30.190Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"product"
],
"url": "https://www.kioware.com/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-3460",
"datePublished": "2024-05-09T10:13:37.634Z",
"dateReserved": "2024-04-08T10:30:35.750Z",
"dateUpdated": "2024-08-01T20:12:06.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3459 (GCVE-0-2024-3459)
Vulnerability from cvelistv5 – Published: 2024-05-09 10:13 – Updated: 2024-08-01 20:12
VLAI?
Summary
KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files and, subsequently, launch any program with user privileges.
Severity ?
8.4 (High)
CWE
- CWE-424 - Improper Protection of Alternate Path
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Credits
Maksymilian Kubiak [Afine Team]
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:kioware:kioware:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "kioware",
"vendor": "kioware",
"versions": [
{
"lessThanOrEqual": "8.34",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3459",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T19:18:41.427236Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T19:19:41.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.kioware.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Kioware",
"vendor": "Kioware",
"versions": [
{
"lessThanOrEqual": "8.34",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maksymilian Kubiak [Afine Team]"
}
],
"datePublic": "2024-05-09T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eKioWare for Windows (versions all\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough 8.34)\u0026nbsp;\u003c/span\u003eallows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files and, subsequently, launch any program with user privileges.\u003c/span\u003e\u003cbr\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "KioWare for Windows (versions all\u00a0through 8.34)\u00a0allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files and, subsequently, launch any program with user privileges.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-424",
"description": "CWE-424 Improper Protection of Alternate Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-09T10:13:03.813Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/04/CVE-2024-3459"
},
{
"tags": [
"product"
],
"url": "https://www.kioware.com/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-3459",
"datePublished": "2024-05-09T10:13:03.813Z",
"dateReserved": "2024-04-08T10:30:34.586Z",
"dateUpdated": "2024-08-01T20:12:07.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34641 (GCVE-0-2023-34641)
Vulnerability from cvelistv5 – Published: 2023-06-19 00:00 – Updated: 2024-12-11 19:59
VLAI?
Summary
KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function window.print() which can then be used to open an unprivileged command prompt.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:17:04.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.kioware.com/versionhistory.aspx?pid=15"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/huntergregal/CVE/tree/main/TBD-KIOWARE-001"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/huntergregal/CVE/tree/main/CVE-2023-34641"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-34641",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T19:58:32.559220Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T19:59:46.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function window.print() which can then be used to open an unprivileged command prompt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.kioware.com/versionhistory.aspx?pid=15"
},
{
"url": "https://github.com/huntergregal/CVE/tree/main/TBD-KIOWARE-001"
},
{
"url": "https://github.com/huntergregal/CVE/tree/main/CVE-2023-34641"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-34641",
"datePublished": "2023-06-19T00:00:00",
"dateReserved": "2023-06-07T00:00:00",
"dateUpdated": "2024-12-11T19:59:46.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34642 (GCVE-0-2023-34642)
Vulnerability from cvelistv5 – Published: 2023-06-19 00:00 – Updated: 2024-12-11 18:59
VLAI?
Summary
KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function showDirectoryPicker() which can then be used to open an unprivileged command prompt.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:17:04.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.kioware.com/versionhistory.aspx?pid=15"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/huntergregal/CVE/tree/main/TBD-KIOWARE-002"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/huntergregal/CVE/tree/main/CVE-2023-34642"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-34642",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T18:58:55.104065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T18:59:04.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function showDirectoryPicker() which can then be used to open an unprivileged command prompt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.kioware.com/versionhistory.aspx?pid=15"
},
{
"url": "https://github.com/huntergregal/CVE/tree/main/TBD-KIOWARE-002"
},
{
"url": "https://github.com/huntergregal/CVE/tree/main/CVE-2023-34642"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-34642",
"datePublished": "2023-06-19T00:00:00",
"dateReserved": "2023-06-07T00:00:00",
"dateUpdated": "2024-12-11T18:59:04.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44875 (GCVE-0-2022-44875)
Vulnerability from cvelistv5 – Published: 2023-03-06 00:00 – Updated: 2025-03-06 20:41
VLAI?
Summary
KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.
Severity ?
5.4 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:01:31.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.kioware.com/versionhistory.aspx?pid=15"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/olnor18/writeup/tree/master/CVE/CVE-2022-44875"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-44875",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T20:40:46.990751Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T20:41:24.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-06T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.kioware.com/versionhistory.aspx?pid=15"
},
{
"url": "https://github.com/olnor18/writeup/tree/master/CVE/CVE-2022-44875"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-44875",
"datePublished": "2023-03-06T00:00:00.000Z",
"dateReserved": "2022-11-07T00:00:00.000Z",
"dateUpdated": "2025-03-06T20:41:24.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18435 (GCVE-0-2018-18435)
Vulnerability from cvelistv5 – Published: 2019-03-17 19:11 – Updated: 2024-08-05 11:08
VLAI?
Summary
KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService" which runs as "Localsystem", this will allow any user to escalate privileges to "NT AUTHORITY\SYSTEM" by substituting the service's binary with a malicious one.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151031/KioWare-Server-4.9.6-Privilege-Escalation.html"
},
{
"name": "46093",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46093/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://m.kioware.com/news/kioware-press-releases/kioware_server_security_patch_update"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kioware.com/patch.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-002.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KioWare Server version 4.9.6 and older installs by default to \"C:\\kioware_com\" with weak folder permissions granting any user full permission \"Everyone: (F)\" to the contents of the directory and it\u0027s sub-folders. In addition, the program installs a service called \"KWSService\" which runs as \"Localsystem\", this will allow any user to escalate privileges to \"NT AUTHORITY\\SYSTEM\" by substituting the service\u0027s binary with a malicious one."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T17:02:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151031/KioWare-Server-4.9.6-Privilege-Escalation.html"
},
{
"name": "46093",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46093/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://m.kioware.com/news/kioware-press-releases/kioware_server_security_patch_update"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kioware.com/patch.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-002.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KioWare Server version 4.9.6 and older installs by default to \"C:\\kioware_com\" with weak folder permissions granting any user full permission \"Everyone: (F)\" to the contents of the directory and it\u0027s sub-folders. In addition, the program installs a service called \"KWSService\" which runs as \"Localsystem\", this will allow any user to escalate privileges to \"NT AUTHORITY\\SYSTEM\" by substituting the service\u0027s binary with a malicious one."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151031/KioWare-Server-4.9.6-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151031/KioWare-Server-4.9.6-Privilege-Escalation.html"
},
{
"name": "46093",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46093/"
},
{
"name": "https://m.kioware.com/news/kioware-press-releases/kioware_server_security_patch_update",
"refsource": "CONFIRM",
"url": "https://m.kioware.com/news/kioware-press-releases/kioware_server_security_patch_update"
},
{
"name": "https://www.kioware.com/patch.aspx",
"refsource": "CONFIRM",
"url": "https://www.kioware.com/patch.aspx"
},
{
"name": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-002.md",
"refsource": "MISC",
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-002.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18435",
"datePublished": "2019-03-17T19:11:14",
"dateReserved": "2018-10-17T00:00:00",
"dateUpdated": "2024-08-05T11:08:21.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}