CVE-2023-28349
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published May 31, 2023
Updated: Jan 13, 2025
CWE ID 346
Summary
CVE-2023-28349 is a newly identified vulnerability affecting Faronics Insight 10.0.19045 on Windows systems. An attacker can exploit this issue by creating a specially crafted program that mimics the Teacher Console. This deceitful program is capable of compelling Student Consoles to connect automatically, exposing them to potential risks. Once connected, Student Consoles can be manipulated into writing arbitrary files with NT AUTHORITY/SYSTEM level permissions, leading to remote code execution.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share