Vulnerability-Lookup

CVE-2023-27326 (GCVE-0-2023-27326)

Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-09-18 18:28

Title

Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability

Summary

Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. . Was ZDI-CAN-18933.

Severity ?

8.2 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://kb.parallels.com/125013	vendor-advisory

Impacted products

	Vendor	Product	Version
	Parallels	Desktop	Affected: 18.0.2 (53077)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "parallels_desktop",
            "vendor": "parallels",
            "versions": [
              {
                "lessThan": "18.1.1",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-27326",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T19:51:54.334723Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:44.973Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:09:43.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ZDI-23-221",
            "tags": [
              "x_research-advisory",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-221/"
          },
          {
            "name": "vendor-provided URL",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://kb.parallels.com/125013"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Desktop",
          "vendor": "Parallels",
          "versions": [
            {
              "status": "affected",
              "version": "18.0.2 (53077)"
            }
          ]
        }
      ],
      "dateAssigned": "2023-02-28T12:05:53.890-06:00",
      "datePublic": "2023-03-07T07:59:56.770-06:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system.\n. Was ZDI-CAN-18933."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-18T18:28:01.519Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-23-221",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-221/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.parallels.com/125013"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Alexandre Adamski of Impalabs"
      },
      "title": "Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2023-27326",
    "datePublished": "2024-05-03T01:55:51.064Z",
    "dateReserved": "2023-02-28T17:58:45.478Z",
    "dateUpdated": "2024-09-18T18:28:01.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-23-221/\", \"name\": \"ZDI-23-221\", \"tags\": [\"x_research-advisory\", \"x_transferred\"]}, {\"url\": \"https://kb.parallels.com/125013\", \"name\": \"vendor-provided URL\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T12:09:43.417Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-27326\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-29T19:51:54.334723Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:*:*:*\"], \"vendor\": \"parallels\", \"product\": \"parallels_desktop\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"18.1.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-29T19:51:44.108Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability\", \"source\": {\"lang\": \"en\", \"value\": \"Alexandre Adamski of Impalabs\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\"}}], \"affected\": [{\"vendor\": \"Parallels\", \"product\": \"Desktop\", \"versions\": [{\"status\": \"affected\", \"version\": \"18.0.2 (53077)\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2023-03-07T07:59:56.770-06:00\", \"references\": [{\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-23-221/\", \"name\": \"ZDI-23-221\", \"tags\": [\"x_research-advisory\"]}, {\"url\": \"https://kb.parallels.com/125013\", \"name\": \"vendor-provided URL\", \"tags\": [\"vendor-advisory\"]}], \"dateAssigned\": \"2023-02-28T12:05:53.890-06:00\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\\n\\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system.\\n. Was ZDI-CAN-18933.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"99f1926a-a320-47d8-bbb5-42feb611262e\", \"shortName\": \"zdi\", \"dateUpdated\": \"2024-09-18T18:28:01.519Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-27326\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-18T18:28:01.519Z\", \"dateReserved\": \"2023-02-28T17:58:45.478Z\", \"assignerOrgId\": \"99f1926a-a320-47d8-bbb5-42feb611262e\", \"datePublished\": \"2024-05-03T01:55:51.064Z\", \"assignerShortName\": \"zdi\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-27326

Vulnerability from fkie_nvd - Published: 2024-05-03 02:15 - Updated: 2025-08-06 21:27

Severity ?

8.2 (High) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

References

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.parallels.com/125013	Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-23-221/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.parallels.com/125013	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-23-221/	Third Party Advisory

Impacted products

	Vendor	Product	Version
	parallels	parallels_desktop	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "52EA0FDC-881C-41AA-B481-3CC64E737EBD",
              "versionEndExcluding": "18.1.1_\\(53328\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system.\n. Was ZDI-CAN-18933."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de escalada de privilegios locales Directory Traversal de Parallels Desktop Toolgate. Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de Parallels Desktop. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con altos privilegios en el sistema invitado de destino para poder explotar esta vulnerabilidad. La falla espec\u00edfica existe dentro del componente Toolgate. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto del usuario actual en el sistema host. Era ZDI-CAN-18933."
    }
  ],
  "id": "CVE-2023-27326",
  "lastModified": "2025-08-06T21:27:05.640",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "zdi-disclosures@trendmicro.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-03T02:15:09.023",
  "references": [
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.parallels.com/125013"
    },
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-221/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.parallels.com/125013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-221/"
    }
  ],
  "sourceIdentifier": "zdi-disclosures@trendmicro.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "zdi-disclosures@trendmicro.com",
      "type": "Secondary"
    }
  ]
}

GHSA-M9V9-RF34-2H2Q

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30

Details

The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18933.

Severity ?

8.2 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-27326"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T02:15:09Z",
    "severity": "HIGH"
  },
  "details": "Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18933.",
  "id": "GHSA-m9v9-rf34-2h2q",
  "modified": "2024-05-03T03:30:47Z",
  "published": "2024-05-03T03:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27326"
    },
    {
      "type": "WEB",
      "url": "https://kb.parallels.com/125013"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-221"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2023-19774

Vulnerability from cnvd - Published: 2023-03-24

Title

Parallels Desktop for Mac产品中Toolgate组件路径穿越漏洞

Description

Parallels Desktop是⼀款运⾏在mac电脑上的虚拟机管理软件，用户可以在macOS下方便的运行Windows/Linux等操作系统及应用。 Parallels Desktop for Mac产品中Toolgate组件存在路径穿越漏洞，攻击者可利用该漏洞允许隔离中的恶意程序通过虚拟机逃逸在宿主机中执⾏任意代码。

Severity

高

Patch Name

Parallels Desktop for Mac产品中Toolgate组件路径穿越漏洞的补丁

Patch Description

Formal description

用户可联系供应商获得补丁信息： https://www.parallels.cn/products/desktop/

Reference

https://blog.impalabs.com/2303_advisory_parallels-desktop_toolgate.html

Impacted products

Name
Parallels Parallels Desktop for Mac <18.1.1 (53328)

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-27326"
    }
  },
  "description": "Parallels Desktop\u662f\u2f00\u6b3e\u8fd0\u2f8f\u5728mac\u7535\u8111\u4e0a\u7684\u865a\u62df\u673a\u7ba1\u7406\u8f6f\u4ef6\uff0c\u7528\u6237\u53ef\u4ee5\u5728macOS\u4e0b\u65b9\u4fbf\u7684\u8fd0\u884cWindows/Linux\u7b49\u64cd\u4f5c\u7cfb\u7edf\u53ca\u5e94\u7528\u3002\n\nParallels Desktop for Mac\u4ea7\u54c1\u4e2dToolgate\u7ec4\u4ef6\u5b58\u5728\u8def\u5f84\u7a7f\u8d8a\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5141\u8bb8\u9694\u79bb\u4e2d\u7684\u6076\u610f\u7a0b\u5e8f\u901a\u8fc7\u865a\u62df\u673a\u9003\u9038\u5728\u5bbf\u4e3b\u673a\u4e2d\u6267\u2f8f\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.parallels.cn/products/desktop/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-19774",
  "openTime": "2023-03-24",
  "patchDescription": "Parallels Desktop\u662f\u2f00\u6b3e\u8fd0\u2f8f\u5728mac\u7535\u8111\u4e0a\u7684\u865a\u62df\u673a\u7ba1\u7406\u8f6f\u4ef6\uff0c\u7528\u6237\u53ef\u4ee5\u5728macOS\u4e0b\u65b9\u4fbf\u7684\u8fd0\u884cWindows/Linux\u7b49\u64cd\u4f5c\u7cfb\u7edf\u53ca\u5e94\u7528\u3002\r\n\r\nParallels Desktop for Mac\u4ea7\u54c1\u4e2dToolgate\u7ec4\u4ef6\u5b58\u5728\u8def\u5f84\u7a7f\u8d8a\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5141\u8bb8\u9694\u79bb\u4e2d\u7684\u6076\u610f\u7a0b\u5e8f\u901a\u8fc7\u865a\u62df\u673a\u9003\u9038\u5728\u5bbf\u4e3b\u673a\u4e2d\u6267\u2f8f\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Parallels Desktop for Mac\u4ea7\u54c1\u4e2dToolgate\u7ec4\u4ef6\u8def\u5f84\u7a7f\u8d8a\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Parallels Parallels Desktop for Mac \u003c18.1.1 (53328)"
  },
  "referenceLink": "https://blog.impalabs.com/2303_advisory_parallels-desktop_toolgate.html",
  "serverity": "\u9ad8",
  "submitTime": "2023-03-23",
  "title": "Parallels Desktop for Mac\u4ea7\u54c1\u4e2dToolgate\u7ec4\u4ef6\u8def\u5f84\u7a7f\u8d8a\u6f0f\u6d1e"
}

GSD-2023-27326

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2023-27326

Aliases

CVE-2023-27326

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-27326",
    "id": "GSD-2023-27326"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-27326"
      ],
      "id": "GSD-2023-27326",
      "modified": "2023-12-13T01:20:55.704413Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2023-27326",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-27326 (GCVE-0-2023-27326)

FKIE_CVE-2023-27326

GHSA-M9V9-RF34-2H2Q

CNVD-2023-19774

GSD-2023-27326

Tags

Sightings

Nomenclature