CVE-2017-15383
HIGHNero 7.10.1.0 - Unquoted Search Path Privilege Escalation via Trojan Horse Nero.exe
Title source: llmDescription
Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/139658/Nero-7.10.1.0-Privilege-Escalation.html
Issue Tracking, Third Party Advisory x_refsource_misc
https://cxsecurity.com/issue/WLB-2016110092
Scores
CVSS v3
7.8
EPSS
0.0046
EPSS Percentile
36.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-428
Status
published
Products (1)
nero/nero
7.10.1.0
Published
Oct 16, 2017
Tracked Since
Feb 18, 2026