CVE-2023-28347

CVSS 3.1 Score 9.6 of 10 (high)

Details

Published May 31, 2023

Updated: Jan 13, 2025

CWE ID 79

Summary

CVE-2023-28347 is a newly identified vulnerability affecting Faronics Insight version 10.0.19045 on Windows systems. This issue allows unauthenticated attackers to craft a malicious script, which can be used to exploit Cross-Site Scripting (XSS) vulnerabilities within the Teacher Console application. Successful exploitation can result in remote code execution with NT AUTHORITY/SYSTEM privileges, impacting both the Teacher Console and all connected Student Consoles in a Zero Click attack scenario.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rbUa7n
https://www.cve.org/CVERecord?id=CVE-2023-28347
https://nvd.nist.gov/vuln/detail/CVE-2023-28347

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2023-28347

CVSS 3.1 Score 9.6 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations