CVE-2024-37742

EUVD-2024-36815
Insecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair advantage during exams.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
CISA-ADPADP
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ethzsafe_exam_browser
3.5.0
ADP
Common Weakness Enumeration
References
https://github.com/Eteblue/CVE-2024-37742
https://youtu.be/SOm0Hgny_3U
https://github.com/Eteblue/CVE-2024-37742
https://youtu.be/SOm0Hgny_3U