CVE-2019-12176

Privilege escalation in the "HTC Account Service" and "ViveportDesktopService" in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges to SYSTEM via reconfiguration of either service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
htcviveport
𝑥
< 1.0.0.36
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://community.viveport.com/
https://huskersec.com/privilege-escalation-via-htc-viveport-desktop-c93471ff87c8
https://community.viveport.com/
https://huskersec.com/privilege-escalation-via-htc-viveport-desktop-c93471ff87c8