CVE-2024-46466

By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI qualification submission) can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZONECENTRAL has to be modified to prevent this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H
mitreCNA
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Common Weakness Enumeration
References
https://www.primx.eu/en/bulletins/security-bulletin-24931934/