PT-2026-31870 · Microsoft · Windows
Published
2026-04-10
·
Updated
2026-04-11
·
CVE-2026-4482
CVSS v4.0
6.8
Medium
| Vector | AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions
versions (affected versions not specified)
Description
The installer certificate files within the …/bootstrap/common/ssl folder do not have restricted permissions on Windows systems, allowing users read and execute access. Specifically, the
client.key file's exposure to locally authenticated standard users could potentially lead to exploits, exposing agent identity material.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows