Description
Privilege escalation in the "HTC Account Service" and "ViveportDesktopService" in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges to SYSTEM via reconfiguration of either service.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://community.viveport.com/
Third Party Advisory x_refsource_misc
https://huskersec.com/privilege-escalation-via-htc-viveport-desktop-c93471ff87c8
Scores
CVSS v3
7.8
EPSS
0.0032
EPSS Percentile
23.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (1)
htc/viveport
< 1.0.0.36
Published
Jun 03, 2019
Tracked Since
Feb 18, 2026