PT-2026-28545 · Gematik · Gematik Authenticator

Uwinator

Publicado

2026-03-27

Atualizado

2026-03-28

CVE-2026-33874

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Gematik Authenticator versions 4.12.0 through 4.15.9

Description The Gematik Authenticator, used for secure user authentication in digital health applications, has a flaw on Mac OS systems. Opening a specially crafted file can lead to remote code execution. This affects versions prior to 4.16.0. There are no reports of real-world exploitation or the number of potentially affected devices.

Recommendations Update the Gematik Authenticator to version 4.16.0 or greater.

Exploit

Correção

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2026-33874

GHSA-MJGM-7HWC-QQCR

Produtos afetados

Gematik Authenticator

PT-2026-28545 · Gematik · Gematik Authenticator

CVE-2026-33874

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6