CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28144

KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.4%

CVSS Severity

CVSS v3 Score 7.0

References

https://github.com/KDAB/hotspot/releases
https://www.openwall.com/lists/oss-security/2023/03/14/8
https://github.com/KDAB/hotspot/releases
https://www.openwall.com/lists/oss-security/2023/03/14/8

Products affected by CVE-2023-28144

Kdab » Hotspot » Version: 1.3.0

cpe:2.3:a:kdab:hotspot:1.3.0
Kdab » Hotspot » Version: 1.4.0

cpe:2.3:a:kdab:hotspot:1.4.0
Kdab » Hotspot » Version: 1.4.1

cpe:2.3:a:kdab:hotspot:1.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28144

Products

Pricing

Contact Us