CVE-2023-27133
published 2023-10-17CVE-2023-27133: TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\TSplus-RemoteWork\Clients\www folder. This may…
PriorityP349critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.80%
51.9th percentile
TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\TSplus-RemoteWork\Clients\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tsplus | tsplus_remote_work | <= 16.0.0.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-10-17
Published