{"vulnerability": "cve-2023-2457", "sightings": [{"uuid": "fdfaba75-fa0c-40b9-bca0-b161fe648684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24577", "type": "seen", "source": "https://t.me/cibsecurity/59885", "content": "\u203c CVE-2023-24577 \u203c\n\nMcAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T15:53:19.000000Z"}, {"uuid": "e79d4cf3-dc9c-4ce0-a13b-58cd54ed4608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24571", "type": "seen", "source": "https://t.me/cibsecurity/60117", "content": "\u203c CVE-2023-24571 \u203c\n\nDell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T13:46:11.000000Z"}, {"uuid": "1ef77bff-37c2-42f2-b43d-7f0b80051198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24579", "type": "seen", "source": "https://t.me/cibsecurity/59889", "content": "\u203c CVE-2023-24579 \u203c\n\nMcAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T15:53:23.000000Z"}, {"uuid": "6c46a0a8-eb65-4172-820b-564189ee12ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24577", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6288", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24577\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks.\n\ud83d\udccf Published: 2023-03-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T20:10:36.032Z\n\ud83d\udd17 References:\n1. https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html\n2. https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-view", "creation_timestamp": "2025-03-03T20:30:57.000000Z"}, {"uuid": "17bc26a7-032b-4614-814a-3888e03dd06e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24572", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8358", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24572\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: \nDell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.\n\n\n\ud83d\udccf Published: 2023-02-13T07:15:32.560Z\n\ud83d\udccf Modified: 2025-03-21T14:51:11.625Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000207931/dsa-2023-032", "creation_timestamp": "2025-03-21T15:19:38.000000Z"}, {"uuid": "1916dad9-3c80-436a-bb7e-ad73cf5381c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24578", "type": "seen", "source": "Telegram/JMuhYqcszLqM2WPmtu5l4GC-wNoVD6vn4cEk4ZThmer0AORU", "content": "", "creation_timestamp": "2025-03-02T11:44:20.000000Z"}, {"uuid": "c597c52b-1b97-4d91-be31-dc087717ee52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2457", "type": "seen", "source": "https://t.me/cibsecurity/64049", "content": "\u203c CVE-2023-2457 \u203c\n\nOut of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T22:27:02.000000Z"}, {"uuid": "270fd296-d4bb-44ad-a086-a0ab4ab47310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24578", "type": "seen", "source": "https://t.me/cibsecurity/59881", "content": "\u203c CVE-2023-24578 \u203c\n\nMcAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T15:53:15.000000Z"}, {"uuid": "c7e4ccbb-ecd4-419e-9d78-e39d00c2d51c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24575", "type": "seen", "source": "https://t.me/cibsecurity/58554", "content": "\u203c CVE-2023-24575 \u203c\n\nDell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T07:26:36.000000Z"}, {"uuid": "9ceddac9-b43b-472d-88f4-5a78262b7608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24576", "type": "seen", "source": "https://t.me/cibsecurity/57507", "content": "\u203c CVE-2023-24576 \u203c\n\nEMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T22:20:58.000000Z"}, {"uuid": "72a1e274-2f35-48b5-988d-40e06eb40f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24573", "type": "seen", "source": "https://t.me/cibsecurity/57899", "content": "\u203c CVE-2023-24573 \u203c\n\nDell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-10T16:57:42.000000Z"}]}