CVE-2024-1721 MEDIUM

CVE-2024-1721

Vendor Hypr
Product Passwordless
Weakness CWE-347
Published May 21, 2024
Last update August 1, 2024

CVSS base score

5.6/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:A/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/AU:N/R:U/V:C/RE:M/U:Green

What the vulnerability does

01Description

Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows allows Malicious Software Update.This issue affects HYPR Passwordless: before 9.1.

Key dates

02Disclosure timeline

May 21, 2024 CVE published
August 1, 2024 Record updated