CVE-2023-25011

PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NECCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
necpc_settings_tool
10.0.0.0 ≤
𝑥
≤ 10.1.26.0
necpc_settings_tool
11.0.0.0 ≤
𝑥
≤ 11.0.22.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://jpn.nec.com/security-info/secinfo/nv23-001_en.html
https://jpn.nec.com/security-info/secinfo/nv23-001_en.html