Number:NV23-001
CVE:CVE-2023-25011

Overview

The following vulnerability exist in the "PC Settings Tool" installed in NEC's business PCs (Mate/VersaPro).

It is possible to write to the registry as administrator privileges with standard user privileges. - CVE-2023-25011

Products Affected

PC Settings Tool

Affected Version

If the beginning is "10" (10.x.x.x): 10.1.26.0 and earlier.
If the beginning is "11" (11.x.x.x): 11.0.22.0 and earlier.

Solution

Please apply the patch.
(1)Update at Microsoft Store.
(2)Launch the PC Settings Tool
(3)Follow the displayed message to update the libarary.
    (After updating, you need to restart your PC)

The update is completed if it is updated to the following version or later.
If the beginning is "10" (10.x.x.x): 10.1.27.0 and later
If the beginning is "11" (11.x.x.x): 11.0.23.0 and later

References

CVE-2023-25011
https://www.cve.org/CVERecord?id=CVE-2023-25011

Credit

Update