PT-2024-38012 · Cato · Cato Windows Sdp Client

Amberwolf · Published 2024-07-31 · Updated 2024-08-27 · CVE-2024-6973

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Cato Windows SDP client versions prior to 5.10.34

Description

Improper input validation in the client allows OS command injection via crafted URLs, which can lead to remote code execution: malicious commands being executed on the affected system.

Recommendations

Update versions prior to 5.10.34 to version 5.10.34 or later to resolve the issue. As a temporary workaround until the patch is applied, consider restricting access to crafted URLs that could exploit the improper input validation vulnerability.

Exploit

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2024-6973

Affected Products

Cato Windows Sdp Client