A missing authentication vulnerability in PC settings tool
The following vulnerability exist in the "PC Settings Tool" installed in NEC's business PCs (Mate/VersaPro).
It is possible to write to the registry as administrator privileges with standard user privileges. - CVE-2023-25011
PC Settings Tool
If the beginning is "10" (10.x.x.x): 10.1.26.0 and earlier.
If the beginning is "11" (11.x.x.x): 22.214.171.124 and earlier.
Please apply the patch.
(1)Update at Microsoft Store.
(2)Launch the PC Settings Tool
(3)Follow the displayed message to update the libarary.
(After updating, you need to restart your PC)
The update is completed if it is updated to the following version or later.
If the beginning is "10" (10.x.x.x): 10.1.27.0 and later
If the beginning is "11" (11.x.x.x): 126.96.36.199 and later
reported by Mr. Haruki Yadani in LAC through IPA.