Privilege Escalation Vulnerability in Jungo WinDriver
CVE-2024-26314

7.8HIGH

Key Information:

Vendor: Jungo
Status: Windriver
Vendor: CVE Published:; 2 July 2024

What is CVE-2024-26314?

The vulnerability identified in Jungo WinDriver, spanning versions 6.0.0 to 16.1.0, stems from improper privilege management. This flaw allows local attackers to exploit the system, escalating privileges to execute arbitrary code without appropriate permissions. Organizations using the affected versions are advised to review their security posture and implement necessary updates to mitigate potential risks.

References

https://jungo.com/windriver/versions/

https://www.mitsubishielectric.com/en/psirt/vulnerability...

https://www.cisa.gov/news-events/ics-advisories/icsa-24-1...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2024