PT-2023-8690 · Unknown · Scalefusion
Published: 2023-12-01
Updated: 2024-01-22
CVE-2023-51751
CVSS v3.1: 7.3 (High)
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Scalefusion versions 10.5.2 through 10.5.6
Description
The issue stems from inadequate access control in the Scalefusion MDM Agent, which can allow an attacker to escape from an isolated software environment. Specifically, in version 10.5.2, users are not properly confined to the Edge application because Alt-F4 can be used to reach other areas. This can be exploited to launch the file explorer in Agent-based Multi-App and Single App Kiosk mode.
Recommendations
For Scalefusion version 10.5.2, update to version 10.5.7 to prevent the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode.
For Scalefusion versions 10.5.3 through 10.5.6, update to version 10.5.7 to fix the issue.
Fix
Improper Privilege Management
Improper Access Control
Related Identifiers
Affected Products
Scalefusion