PT-2025-2734 · Primx · Primx Zed Enterprise
Nicolas Rodrigues
·
Published
2025-01-09
·
Updated
2025-01-10
·
CVE-2024-46464
CVSS v3.1
7.8
High
| Vector | AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
PRIMX ZED Enterprise versions up to 2024.3
Description:
The issue allows manipulation of technical files stored in local folders with common user access. This can lead to the host computer becoming unavailable or execution of programs with elevated privileges.
Recommendations:
For PRIMX ZED Enterprise versions up to 2024.3, consider restricting access to technical files stored in local folders to prevent manipulation and minimize the risk of exploitation. As a temporary workaround, limit user privileges to prevent elevation of privilege attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Primx Zed Enterprise