VDB-278829 · CVE-2024-9325 · GCVE-100-278829

Intelbras InControl ଯେପର୍ଯ୍ୟନ୍ତ 2.21.56 incontrol-service-watchdog.exe ବିସ୍ତାରିତ ଅଧିକାର

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu Intelbras InControl ଯେପର୍ଯ୍ୟନ୍ତ 2.21.56 keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe keessa. Hojii jijjiirraa gara ବିସ୍ତାରିତ ଅଧିକାର geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-428 geessa. Dadhabbii kana yeroo 09/28/2024 maxxanfameera. Odeeffannoon kun buufachuuf backend.intelbras.com irratti qoodameera. Dogoggorri kun akka CVE-2024-9325tti beekama. Weerara sun iddoo keessaatti qofa raawwatamuu qaba. Faayidaaleen teeknikaa ni jiru. Meeshaa balaa kana fayyadamuuf hin jiru. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ଅପରିଭାଷିତ jedhamee ibsameera. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Qabiyyee miidhamte fooyyessuuf gorsa ni kennama. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

5 ଆଡାପ୍ଟେସନ୍ · 100 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 09/28/2024 03:36 PM	ଅଦ୍ୟତନ 1/4 09/29/2024 01:08 PM	ଅଦ୍ୟତନ 2/4 10/07/2024 07:20 PM	ଅଦ୍ୟତନ 3/4 11/04/2024 08:17 PM	ଅଦ୍ୟତନ 4/4 11/05/2024 06:47 AM
software_vendor	Intelbras	Intelbras	Intelbras	Intelbras	Intelbras
software_name	InControl	InControl	InControl	InControl	InControl
software_version	<=2.21.56	<=2.21.56	<=2.21.56	<=2.21.56	<=2.21.56
software_file	C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe	C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe	C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe	C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe	C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe
vulnerability_cwe	CWE-428 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-428 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-428 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-428 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-428 (ବିସ୍ତାରିତ ଅଧିକାର)
vulnerability_risk	2	2	2	2	2
cvss3_vuldb_av	L	L	L	L	L
cvss3_vuldb_ac	L	L	L	L	L
cvss3_vuldb_pr	L	L	L	L	L
cvss3_vuldb_ui	N	N	N	N	N
cvss3_vuldb_s	U	U	U	U	U
cvss3_vuldb_c	H	H	H	H	H
cvss3_vuldb_i	H	H	H	H	H
cvss3_vuldb_a	H	H	H	H	H
cvss3_vuldb_rc	C	C	C	C	C
source_cve	CVE-2024-9325	CVE-2024-9325	CVE-2024-9325	CVE-2024-9325	CVE-2024-9325
cna_responsible	VulDB	VulDB	VulDB	VulDB	VulDB
response_summary	The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.	The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.	The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.	The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.	The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.
cvss2_vuldb_av	L	L	L	L	L
cvss2_vuldb_ac	L	L	L	L	L
cvss2_vuldb_ci	C	C	C	C	C
cvss2_vuldb_ii	C	C	C	C	C
cvss2_vuldb_ai	C	C	C	C	C
cvss2_vuldb_rc	C	C	C	C	C
cvss4_vuldb_av	L	L	L	L	L
cvss4_vuldb_ac	L	L	L	L	L
cvss4_vuldb_pr	L	L	L	L	L
cvss4_vuldb_ui	N	N	N	N	N
cvss4_vuldb_vc	H	H	H	H	H
cvss4_vuldb_vi	H	H	H	H	H
cvss4_vuldb_va	H	H	H	H	H
cvss2_vuldb_au	S	S	S	S	S
cvss2_vuldb_e	ND	ND	ND	ND	ND
cvss2_vuldb_rl	ND	ND	ND	OF	OF
cvss3_vuldb_e	X	X	X	X	X
cvss3_vuldb_rl	X	X	X	O	O
cvss4_vuldb_at	N	N	N	N	N
cvss4_vuldb_sc	N	N	N	N	N
cvss4_vuldb_si	N	N	N	N	N
cvss4_vuldb_sa	N	N	N	N	N
cvss4_vuldb_e	X	X	X	X	X
cvss2_vuldb_basescore	6.8	6.8	6.8	6.8	6.8
cvss2_vuldb_tempscore	6.8	6.8	6.8	5.9	5.9
cvss3_vuldb_basescore	7.8	7.8	7.8	7.8	7.8
cvss3_vuldb_tempscore	7.8	7.8	7.8	7.5	7.5
cvss3_meta_basescore	7.8	7.8	7.8	7.8	7.8
cvss3_meta_tempscore	7.8	7.8	7.8	7.7	7.7
cvss4_vuldb_bscore	8.5	8.5	8.5	8.5	8.5
cvss4_vuldb_btscore	8.5	8.5	8.5	8.5	8.5
advisory_date	1727474400 (09/28/2024)	1727474400 (09/28/2024)	1727474400 (09/28/2024)	1727474400 (09/28/2024)	1727474400 (09/28/2024)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.	A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.	A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.	A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.
cvss3_cna_av		L	L	L	L
cvss3_cna_ac		L	L	L	L
cvss3_cna_pr		L	L	L	L
cvss3_cna_ui		N	N	N	N
cvss3_cna_s		U	U	U	U
cvss3_cna_c		H	H	H	H
cvss3_cna_i		H	H	H	H
cvss3_cna_a		H	H	H	H
cvss3_cna_basescore		7.8	7.8	7.8	7.8
cvss2_cna_av		L	L	L	L
cvss2_cna_ac		L	L	L	L
cvss2_cna_au		S	S	S	S
cvss2_cna_ci		C	C	C	C
cvss2_cna_ii		C	C	C	C
cvss2_cna_ai		C	C	C	C
cvss2_cna_basescore		6.8	6.8	6.8	6.8
cve_nvd_summaryes			Se ha detectado una vulnerabilidad clasificada como crítica en Intelbras InControl hasta la versión 2.21.56. Afecta a una parte desconocida del archivo C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. La manipulación conduce a una ruta de búsqueda sin comillas. Es posible lanzar el ataque en el host local. El proveedor fue informado de este problema el 5 de agosto de 2024. El lanzamiento de una versión corregida 2.21.58 se anunció para fines de agosto de 2024, pero luego se pospuso hasta el 20 de septiembre de 2024.	Se ha detectado una vulnerabilidad clasificada como crítica en Intelbras InControl hasta la versión 2.21.56. Afecta a una parte desconocida del archivo C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. La manipulación conduce a una ruta de búsqueda sin comillas. Es posible lanzar el ataque en el host local. El proveedor fue informado de este problema el 5 de agosto de 2024. El lanzamiento de una versión corregida 2.21.58 se anunció para fines de agosto de 2024, pero luego se pospuso hasta el 20 de septiembre de 2024.	Se ha detectado una vulnerabilidad clasificada como crítica en Intelbras InControl hasta la versión 2.21.56. Afecta a una parte desconocida del archivo C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. La manipulación conduce a una ruta de búsqueda sin comillas. Es posible lanzar el ataque en el host local. El proveedor fue informado de este problema el 5 de agosto de 2024. El lanzamiento de una versión corregida 2.21.58 se anunció para fines de agosto de 2024, pero luego se pospuso hasta el 20 de septiembre de 2024.
cvss3_nvd_av			L	L	L
cvss3_nvd_ac			L	L	L
cvss3_nvd_pr			L	L	L
cvss3_nvd_ui			N	N	N
cvss3_nvd_s			U	U	U
cvss3_nvd_c			H	H	H
cvss3_nvd_i			H	H	H
cvss3_nvd_a			H	H	H
cvss3_nvd_basescore			7.8	7.8	7.8
advisory_url				https://backend.intelbras.com/sites/default/files/2024-10/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.56%20e%202.21.57.pdf	https://backend.intelbras.com/sites/default/files/2024-10/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.56%20e%202.21.57.pdf
countermeasure_name				ଅପଗ୍ରେଡ୍ କରନ୍ତୁ	ଅପଗ୍ରେଡ୍ କରନ୍ତୁ
upgrade_version				2.21.58	2.21.58
countermeasure_upgrade_url				https://download.cronos.intelbras.com.br/download/INCONTROL/INCONTROL-WEB/prod/INCONTROL-WEB-2.21.58-233dfd1ac1e2ca3eabb71c854005c78b.exe	https://download.cronos.intelbras.com.br/download/INCONTROL/INCONTROL-WEB/prod/INCONTROL-WEB-2.21.58-233dfd1ac1e2ca3eabb71c854005c78b.exe
cvss4_cna_av					L
cvss4_cna_ac					L
cvss4_cna_at					N
cvss4_cna_pr					L
cvss4_cna_ui					N
cvss4_cna_vc					H
cvss4_cna_vi					H
cvss4_cna_va					H
cvss4_cna_sc					N
cvss4_cna_si					N
cvss4_cna_sa					N
cvss4_cna_bscore					8.5

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you need the next level of professionalism?

Upgrade your account now!