CVE Vulnerabilities

CVE-2024-41139

Incorrect Privilege Assignment

Published: Jul 29, 2024 | Modified: Jun 04, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the products Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege.

Weakness

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Skysea_client_view Skygroup 6.010.06 (including) 19.300.09h (excluding)

Potential Mitigations

References