PT-2024-26929 · Unifier+1 · Unifier+1
Taisei Ogura
·
Published
2024-05-31
·
Updated
2025-04-08
·
CVE-2024-36246
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Unifier and Unifier Cast versions 5.0 or later
Description
A missing authorization issue allows for the execution of arbitrary code with LocalSystem privilege if exploited. This could result in the installation of malicious programs, modification, or deletion of data.
Recommendations
For Unifier and Unifier Cast versions 5.0 or later, apply the patch "20240527" to resolve the issue.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unifier
Unifier Cast