CVE-2024-23847
Published: May 31, 2024
Modified: Apr 8, 2025
CVSS v3.0
7.8
Description
Incorrect default permissions issue exists in Unifier and Unifier Cast. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be altered or deleted.
| Vendor | Product | Versions |
|---|---|---|
Yokogawa Rental & Lease Corporation | Unifier | affected Version.5.0 or later but prior to v5.10.6affected and the patch "20240527" not applied |
Yokogawa Rental & Lease Corporation | Unifier Cast | affected Version.5.0 or later but prior to v5.10.6affected and the patch "20240527" not applied |
Yokogawa Rental & Lease Corporation | Unifier Cast | affected Version.6.0 or later but prior to v6.5.0affected and the patch "20240527" not applied |
Weaknesses (CWE)
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now