CVE-2024-1417
Local Code Injection Vulnerability in AuthPoint Password Manager App for macOS Safari
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application.
This issue affects AuthPoint Password Manager for MacOS versions before 1.0.6.
La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando ("Inyección de comando") en WatchGuard AuthPoint Password Manager en MacOS permite a un adversario con acceso local ejecutar código en el contexto de la aplicación AuthPoint Password Manager. Este problema afecta a AuthPoint Password Manager para versiones de MacOS anteriores a la 1.0.6.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-02-09 CVE Reserved
- 2024-05-16 CVE Published
- 2024-05-17 EPSS Updated
- 2024-08-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC
- CAPEC-251: Local Code Inclusion
References (1)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
WatchGuard Search vendor "WatchGuard" | AuthPoint Password Manager Search vendor "WatchGuard" for product "AuthPoint Password Manager" | <= 1.0.5 Search vendor "WatchGuard" for product "AuthPoint Password Manager" and version " <= 1.0.5" | en |
Affected
|