CVE Vulnerabilities

CVE-2023-4936

Improper Privilege Management

Published: Oct 11, 2023 | Modified: Nov 21, 2024
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

It is possible to sideload a compromised DLL during the installation at elevated privilege.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Displaylink_usb_graphics Synaptics * 11.2m0 (excluding)

Potential Mitigations

References