Описание
Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 (ANSSI qualification submission) or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are opened.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 2020.4 (исключая)Версия от 2021.0 (включая) до 2021.3 (исключая)Версия от 2023.0 (включая) до 2023.5 (исключая)
Одновременно
Одно из
cpe:2.3:a:primx:cryhod:*:*:*:*:*:*:*:*
cpe:2.3:a:primx:cryhod:*:*:*:*:*:*:*:*
cpe:2.3:a:primx:cryhod:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00182
Низкий
4.6 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.6
github
около 2 лет назад
Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 (ANSSI qualification submission) or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are opened.
EPSS
Процентиль: 40%
0.00182
Низкий
4.6 Medium
CVSS3
Дефекты
NVD-CWE-noinfo