- Description
- WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:att:winvnc:3.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "968A0212-EE5D-4D8A-837E-41424ED5964B"
},
{
"criteria": "cpe:2.3:a:att:winvnc:3.3.3r7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2433C9F8-D11B-4263-8541-76C1470B41FA"
}
],
"operator": "OR"
}
]
}
]