HIGH🇬🇧 English

CVE-2023-53965

CVSS 8.6v4.0pub. 2025-12-22upd. 2026-01-29

SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup.

oryginał EN
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Sound4 Big Voice

    HW
    Sound4
    wszystkie wersje
  • Sound4 Big Voice Firmware

    OS
    Sound4
    4.1.102
  • Sound4 First

    HW
    Sound4
    wszystkie wersje
  • Sound4 First Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Impact

    HW
    Sound4
    wszystkie wersje
  • Sound4 Impact Eco

    HW
    Sound4
    wszystkie wersje
  • Sound4 Impact Eco Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Impact Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Ip Connect

    HW
    Sound4
    wszystkie wersje
  • Sound4 Ip Connect Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Playout Ula8

    HW
    Sound4
    wszystkie wersje
  • Sound4 Playout Ula8 Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Pulse

    HW
    Sound4
    wszystkie wersje
  • Sound4 Pulse Eco

    HW
    Sound4
    wszystkie wersje
  • Sound4 Pulse Eco Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Pulse Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Stream X2

    HW
    Sound4
    wszystkie wersje
  • Sound4 Stream X2 Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Stream X4

    HW
    Sound4
    wszystkie wersje
  • Sound4 Stream X4 Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Stream X8

    HW
    Sound4
    wszystkie wersje
  • Sound4 Stream X8 Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Voice Ula2

    HW
    Sound4
    wszystkie wersje
  • Sound4 Voice Ula2 Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Voice Ula4

    HW
    Sound4
    wszystkie wersje
  • Sound4 Voice Ula4 Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Voice Ula8

    HW
    Sound4
    wszystkie wersje
  • Sound4 Voice Ula8 Firmware

    OS
    Sound4
    4.1.102
  • Sound4 Wm2

    HW
    Sound4
    wszystkie wersje
  • Sound4 Wm2 Firmware

    OS
    Sound4
    4.1.102
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-50796CRITICAL9.3PL ✓ten sam produkt

RCE i path traversal w firmware upload SOUND4 IMPACT/FIRST/PULSE/Eco

CVE-2022-50794CRITICAL9.3PL ✓ten sam produkt

Command injection w parametrze username — SOUND4 IMPACT/FIRST/PULSE/Eco

CVE-2022-50696CRITICAL9.3PL ✓ten sam produkt

Zakodowane na stałe dane logowania w urządzeniach SOUND4 IMPACT/FIRST/PULSE/Eco

CVE-2023-53955CRITICAL9.3PL ✓ten sam produkt

IDOR w SOUND4 IMPACT/FIRST/PULSE/Eco v2.x — pominięcie autoryzacji

CVE-2023-53960CRITICAL9.3PL ✓ten sam produkt

SQL Injection w mechanizmie logowania SOUND4 IMPACT/FIRST/PULSE/Eco