CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-36853

In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.0%

CVSS Severity

CVSS v3 Score 7.8

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02

Products affected by CVE-2023-36853

Keysight » Geolocation Server » Version: 2.4.2

cpe:2.3:a:keysight:geolocation_server:2.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-36853

Products

Pricing

Contact Us