CVE-2024-11969

Name of the Vulnerable Software and Affected Versions NetCloud Exchange client for Windows version 1.110.50

Description The NetCloud Exchange client for Windows contains an insecure file and folder permissions vulnerability. A normal user could exploit the weakness in file and folder permissions to escalate privileges, execute arbitrary code, and maintain persistence on the compromised machine. It has been identified that full control permissions exist on the 'Everyone' group, allowing any user with local access to the operating system to exploit this issue, regardless of their privileges.

Recommendations For version 1.110.50, consider restricting access to the vulnerable files and folders to minimize the risk of exploitation until a patch is available. As a temporary workaround, review and adjust the permissions on the affected files and folders to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.