CVE-2024-22774

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-22774
CWE	https://cwe.mitre.org/data/definitions/269.html

An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Potential Mitigations

https://cwe.mitre.org/data/definitions/122.html
https://cwe.mitre.org/data/definitions/233.html
https://cwe.mitre.org/data/definitions/58.html

References

https://blueteamalpha.com/blog/new-vulnerability-discovered-in-panoramic-x-ray-software/
https://github.com/Gray-0men/CVE-2024-22774
https://pancorp.com/index.html
https://pancorp.com/pdf/Panoramic-Dental-Imaging-%28GLAN%29-Windows-10x64-Setup-Rev3.pdf
https://pancorp.com/software/files/PANCORP_DENTAL_IMAGING_9.1.2.7600.exe
https://blueteamalpha.com/blog/new-vulnerability-discovered-in-panoramic-x-ray-software/
https://github.com/Gray-0men/CVE-2024-22774
https://pancorp.com/index.html
https://pancorp.com/pdf/Panoramic-Dental-Imaging-%28GLAN%29-Windows-10x64-Setup-Rev3.pdf
https://pancorp.com/software/files/PANCORP_DENTAL_IMAGING_9.1.2.7600.exe

Improper Privilege Management

Weakness

Potential Mitigations

Related Attack Patterns

References