Vulnerability in Hasomed Elefant
CVE-2024-50590
Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory o…
EPSS: 0.001 (25.4th percentile) — read the EPSS interpretation.
Affected products
- Hasomed Elefant — versions <24.04.00
Weakness classification (CWE)
References
- r.sec-consult.com/hasomed (third-party-advisory)
- hasomed.de/produkte/elefant/ (patch)