PT-2024-11942 · Forcepoint · Forcepoint F|One Smartedge Agent
Published
2024-01-29
·
Updated
2024-02-08
·
CVE-2023-1705
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Forcepoint F|One SmartEdge Agent versions prior to 1.7.0.230330-554
Description
The issue is related to a Missing Authorization vulnerability in the bgAutoinstaller service modules of Forcepoint F|One SmartEdge Agent on Windows, allowing Privilege Escalation and Functionality Bypass.
Recommendations
For versions prior to 1.7.0.230330-554, update to version 1.7.0.230330-554 or later to resolve the issue.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Forcepoint F|One Smartedge Agent