CVE-2024-46465

EPSS 0.1%
Veröffentlicht 15.11.2024 18:15:28
Zuletzt bearbeitet 01.10.2025 18:12:12
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of CRYHOD has to be modified to prevent this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Primx ≫ Cryhod Version <= 2024.3

Microsoft ≫ Windows Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.286

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.4	5.8	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

https://www.primx.eu/en/bulletins/security-bulletin-24932296/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-46465

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-46465

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-46465

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-46465