• henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 months ago

    For your convenience:

    The researchers pointed out that the vulnerability cannot be exploited remotely. An attacker can trigger the issue by providing crafted inputs to applications that employ these [syslog] logging functions [in apps that allow the user to feed crafted data to those functions].

    This is a privilege escalation.