What the vulnerability does

01Description

The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely.

Key dates

02Disclosure timeline

June 24, 2024 CVE published
February 13, 2025 Record updated