CVE-2024-58315 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated syste…
High CVSS: 8.5

CVE-2024-58315

Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the service startup process by inserting malicious code in the system root path, enabling unauthorized code execution during application startup or system reboot.
Vendor
Tosi
Product
Tosibox Key
CWE
CWE-428
Yayın Tarihi
2025-12-30 23:15:48
Güncelleme
2026-01-16 19:16:15
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-428 Tosibox Key HIGH Tosi 2025

Referanslar

https://packetstormsecurity.com/files/177260/ https://www.tosi.net/ https://www.vulncheck.com/advisories/tosibox-key-service-local-privilege-escalation-via-unquoted-service-path https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5812.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5812.php