Privilege Escalation Vulnerability in HTC VIVEPORT Software
CVE-2019-12177

7.8HIGH

Key Information:

Vendor

Htc

Status
Viveport
Vendor
CVE Published:
3 June 2019

What is CVE-2019-12177?

The HTC VIVEPORT application has a vulnerability that arises from insecure directory permissions in the ViveportDesktopService component. This flaw enables local attackers to exploit the system through DLL hijacking, allowing them to escalate their privileges. As a result, unauthorized users may gain access to sensitive system resources or perform actions that should be restricted to higher privilege accounts. Proper security measures should be taken to mitigate this risk, especially for users of VIVEPORT versions prior to 1.0.0.36.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://community.viveport.com/
x_refsource_MISC
https://huskersec.com/privilege-escalation-via-htc-vivepo...
x_refsource_MISC
https://posts.specterops.io/razer-synapse-3-elevation-of-...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.