Privilege Escalation Vulnerability in EasyLobby Solo by Alertus Technologies
CVE-2018-17491

8.4HIGH

Key Information:

Vendor: Hid Global
Status: Easylobby Solo
Vendor: CVE Published:; 21 March 2019

What is CVE-2018-17491?

A vulnerability in EasyLobby Solo could enable a local attacker to leverage kiosk access to gain elevated privileges. By simply aborting the program using the 'esc' key, an attacker may perform unauthorized actions that compromise the system's integrity. This issue underscores the necessity for securing kiosk environments to prevent unauthorized access.

Affected Version(s)

EasyLobby Solo 11.0.4563

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/149651

vdb-entryx_refsource_XF

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 21, 2019
Vulnerability Reserved
Sep 25, 2018

JSON

Hid Global

What is CVE-2018-17491?

Affected Version(s)

References

CVSS V3.1

Timeline