CVE-2024-3507— Privilege escalation vulnerability in Lunar

Privilege escalation vulnerability in Lunar

Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through 6.6.0. This vulnerability allows an attacker to perform a secondary process injection into the Lunar application and abuse those rights to access sensitive user information.

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

特权管理不恰当

Lunar 安全漏洞

Lunar是使用 DDC 协议更改显示器的硬件亮度的工具。 Lunar 6.0.2 到 6.6.0版本存在安全漏洞，该漏洞源于允许攻击者对 Lunar 应用程序执行辅助进程注入，并滥用这些权限来访问敏感用户信息。

N/A

N/A