← back
CVE-2024-4230

CVE-2024-4230

CVSS 7.8 HIGHEPSS 0.2%CWE-73
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
19 Dec 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Edgecross Consortium · Edgecross Basic Software for DevelopersEdgecross Consortium · Edgecross Basic Software for Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/vu/JVNVU92857077/index.htmlhttps://www.edgecross.org/client_info/EDGECROSS/view/userweb/ext/en/data-download/pdf/ECD-TE10-0003-01-EN.pdf