CVE-2023-7025 | KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5 DBus init_kcm access control

Posted by Angelo Barbosa | Dec 20, 2023 | CVE

A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function init_kcm of the component DBus Handler. The manipulation leads to improper access controls.

This vulnerability was named CVE-2023-7025. Attacking locally is a requirement. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-7025 | KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5 DBus init_kcm access control

Related Posts

CVE-2023-7019 | LightStart Plugin up to 2.6.8 on WordPress authorization

CVE-2024-8295 | FeehiCMS up to 2.1.1 index.php createBanner BannerForm[img] unrestricted upload

CVE-2024-20754 | Adobe Lightroom Desktop up to 7.1.2 untrusted search path (apsb24-17)

CVE-2024-25718 | Samly up to 1.3.x on Elixir Samly.State.Store.get_assertion session expiration