Lapswebui
by Truesec
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-15554 | Hig | 0.51 | 7.8 | 0.00 | Mar 16, 2026 | Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords. | ||
| CVE-2025-15552 | Hig | 0.51 | 7.8 | 0.00 | Mar 16, 2026 | Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password. | ||
| CVE-2025-15553 | Hig | 0.46 | 7.1 | 0.00 | Mar 16, 2026 | Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password. |
- risk 0.51cvss 7.8epss 0.00
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords.
- risk 0.51cvss 7.8epss 0.00
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.
- risk 0.46cvss 7.1epss 0.00
Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.