Unquoted Search Path Vulnerability in Intelbras InControl Webcam Service
CVE-2024-6080
7.8HIGH
Summary
A significant security vulnerability has been identified in Intelbras InControl version 2.21.56, specifically within the incontrolWebcam Service. This flaw is categorized as an unquoted search path, which could lead to unauthorized execution of code under certain conditions. To exploit this vulnerability, an attacker requires local access to the system. Although details about the vulnerability were publicly disclosed, the vendor, Intelbras, was informed ahead of time and is actively working on a security patch. Users are strongly advised to upgrade to version 2.21.58 to mitigate any potential risks associated with this vulnerability.
Affected Version(s)
InControl 2.21.56
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Credit
Stux (VulDB User)