CVE-2024-4230

Summary

External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition.

Affected Software

VendorProductVersion RangeStatus
Edgecross ConsortiumEdgecross Basic Software for Windowsversions 1.00 and lateraffected
Edgecross ConsortiumEdgecross Basic Software for Developersversions 1.00 and lateraffected

Weaknesses

  • CWE-73: CWE-73 External Control of File Name or Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References