CVE-2024-4230 HIGH

CVE-2024-4230

Vendor Edgecross Consortium
Product Edgecross Basic Software for Windows
Weakness CWE-73
Published December 19, 2024
Last update December 19, 2024

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition.

Key dates

02Disclosure timeline

December 19, 2024 CVE published
December 19, 2024 Record updated