CVE-2024-52925

Description

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via MD Kiosk Unlock Device feature for software encrypted USB drives

References

https://docs.opswat.com/mdkiosk/release-notes

https://www.opswat.com/products/metadefender/kiosk

https://www.opswat.com/

Severity

CVSS v3.1 Vector

NIST: NVD

Base Score: 6.8

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness Enumeration

CWE-284: Improper Access Control

Known Software Configurations

OPSWAT MDKIOSK up to (excluding) 4.7.0

Discoverer

armasuisse CYD Campus

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
On This Page
CVE-2024-52925DescriptionReferencesSeverityWeakness EnumerationKnown Software ConfigurationsDiscoverer