CVE-2024-3334 MEDIUM

CVE-2024-3334: USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0

Vendor Fortra
Product Digital Guardian Agent
Weakness CWE-922
Published November 15, 2024
Last update November 15, 2024

CVSS base score

4.3/10
Attack vector Physical
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data.

Key dates

02Disclosure timeline

November 15, 2024 CVE published
November 15, 2024 Record updated