CVE-2023-51750

Name of the Vulnerable Software and Affected Versions ScaleFusion version 10.5.2

Description The issue arises because ScaleFusion does not properly limit users to the Edge application, allowing file downloads to occur. The vendor notes that the default Windows device profile configuration, which utilizes modern management with website allow-listing rules, is not vulnerable.

Recommendations For ScaleFusion version 10.5.2, consider implementing the default Windows device profile configuration, which utilizes modern management with website allow-listing rules, to mitigate the risk. Additionally, restricting file downloads within the Edge application can help minimize the issue until a more permanent solution is available.