CVE-2023-7025 | KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5 DBus init_kcm access control

Posted by Angelo Barbosa | Dec 20, 2023 | CVE

A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function init_kcm of the component DBus Handler. The manipulation leads to improper access controls.

This vulnerability was named CVE-2023-7025. Attacking locally is a requirement. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-7025 | KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5 DBus init_kcm access control

Related Posts

CVE-2024-6554 | Branda Plugin up to 3.4.18 on WordPress Custom Login Page information disclosure

CVE-2024-0378 | AI Engine Plugin up to 2.2.0 on WordPress cross site scripting

CVE-2024-48548 | Cloud Smart Lock 2.0.1 excessive authentication

CVE-2024-5145 | SourceCodester Vehicle Management System up to 1.0 HTTP POST Request /newdriver.php file unrestricted upload