PT-2024-29850 · Unknown · Edgecross Basic Software For Windows+1
Published
2024-12-19
·
Updated
2024-12-24
·
CVE-2024-4230
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Edgecross Basic Software for Windows versions 1.00 and later
Edgecross Basic Software for Developers versions 1.00 and later
Description
The issue allows a malicious local attacker to execute arbitrary malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition.
Recommendations
For Edgecross Basic Software for Windows versions 1.00 and later, consider restricting access to sensitive files and directories to minimize the risk of exploitation.
For Edgecross Basic Software for Developers versions 1.00 and later, avoid using vulnerable file name or path parameters in local operations until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Edgecross Basic Software For Developers
Edgecross Basic Software For Windows