PT-2023-31549 · Primx · Primx Zonecentral For Windows
Published
2023-12-13
·
Updated
2023-12-20
·
CVE-2023-50441
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PRIMX ZONECENTRAL for Windows versions prior to Q.2021.2
PRIMX ZONECENTRAL for Windows versions prior to 2023.5
Description
Encrypted folders created by PRIMX ZONECENTRAL for Windows can be modified by an unauthenticated attacker to include a UNC reference, triggering outbound network traffic from computers on which folders are opened.
Recommendations
For PRIMX ZONECENTRAL for Windows versions prior to Q.2021.2, update to version Q.2021.2 or later.
For PRIMX ZONECENTRAL for Windows versions prior to 2023.5, update to version 2023.5 or later.
As a temporary workaround, consider restricting access to encrypted folders until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Primx Zonecentral For Windows