VULHUB ™

It is reported that a privilege escalation vulnerability exists in the VentaFax System Tray application. The issue is due to the software starting with SYSTEM privileges, to enable access to the modem hardware, and subsequently failing to drop the privileges. Although only VentaFax version 5.4 is reported vulnerable, it is likely that other versions are prone as well.

It is reported that a privilege escalation vulnerability exists in the VentaFax System Tray application. The issue is due to the software starting with SYSTEM privileges, to enable access to the modem hardware, and subsequently failing to drop the privileges. Although only VentaFax version 5.4 is reported vulnerable, it is likely that other versions are prone as well.