CVE-2024-6974
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD
Description
Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34.
Affected (1)
Products: Catonetworks: Cato Client
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 5.10.34 |
Related CWEs
CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
CWE-426
Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
References (1)
Source: 2505284f-8ffb-486c-bf60-e19c1097a90b
ExploitVendor Advisory
Timeline
No history available yet.