CVE-2024-35214 HIGH

CVE-2024-35214: Vulnerability in CylanceOPTICS Windows Installer Package Impacts CylanceOPTICS for Windows

Vendor Blackberry
Product CylanceOPTICS for Windows
Weakness CWE-288
Published August 20, 2024
Last update September 29, 2024

CVSS base score

7.1/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for Windows version 3.2 and 3.3 could allow an attacker to potentially uninstall CylanceOPTICS from a system thereby leaving it with only the protection of CylancePROTECT.

Key dates

02Disclosure timeline

August 20, 2024 CVE published
September 29, 2024 Record updated