CVE-2019-12176

EUVD-2019-3825
Privilege escalation in the "HTC Account Service" and "ViveportDesktopService" in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges to SYSTEM via reconfiguration of either service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
htcviveport
𝑥
< 1.0.0.36
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://community.viveport.com/
https://huskersec.com/privilege-escalation-via-htc-viveport-desktop-c93471ff87c8
https://community.viveport.com/
https://huskersec.com/privilege-escalation-via-htc-viveport-desktop-c93471ff87c8