Improper Access Rights and Privilege Escalation Vulnerability in Xpedition Designer VX.2.x

Improper Access Rights and Privilege Escalation Vulnerability in Xpedition Designer VX.2.x

CVE-2022-31465 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability has been identified in Xpedition Designer VX.2.10 (All versions < VX.2.10 Update 13), Xpedition Designer VX.2.11 (All versions < VX.2.11 Update 11), Xpedition Designer VX.2.12 (All versions < VX.2.12 Update 5), Xpedition Designer VX.2.13 (All versions < VX.2.13 Update 1). The affected application assigns improper access rights to the service executable. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Learn more about our Web Application Penetration Testing UK.