{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T08:25:04.191","vulnerabilities":[{"cve":{"id":"CVE-2024-38456","sourceIdentifier":"cve@mitre.org","published":"2024-09-03T18:15:08.260","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\\SYSTEM."},{"lang":"es","value":"HIGH-LEIT V05.08.01.03 y HIGH-LEIT V04.25.00.00 a 4.25.01.01 para Windows de Vivavis contienen una vulnerabilidad de permisos de archivos y carpetas no seguros en prunsrv.exe. Un usuario normal (no administrador) puede aprovechar los permisos de archivos y carpetas débiles para aumentar los privilegios y ejecutar código arbitrario en el contexto de NT AUTHORITY\\SYSTEM."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"references":[{"url":"https://www.schutzwerk.com/blog/schutzwerk-sa-2024-001/","source":"cve@mitre.org"},{"url":"https://www.vivavis.com/en/solution/scada-en/high-leit/","source":"cve@mitre.org"},{"url":"https://www.vivavis.com/en/vivavis-high-leit-rce-vulnerability-cve-2024-38456/","source":"cve@mitre.org"},{"url":"http://seclists.org/fulldisclosure/2024/Sep/0","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}