Privilege Escalation Vulnerability in Tianocompress by Tianocore
CVE-2017-5731

7.8HIGH

Key Information:

Vendor: Tianocore
Status: Tianocore
Vendor: CVE Published:; 28 October 2019

What is CVE-2017-5731?

A vulnerability in Tianocompress before November 7, 2017 allows authenticated users to exploit a lack of proper bounds checking. This could lead to the potential for privilege escalation through local access, compromising system integrity and potentially leading to unauthorized actions within the affected software.

Affected Version(s)

Tianocore before November 7, 2017

References

https://bugzilla.tianocore.org/show_bug.cgi?id=686

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 28, 2019
Vulnerability Reserved
Feb 1, 2017