CVE-2024-9191
- EPSS 0.17%
- Veröffentlicht 01.11.2024 22:15:03
- Zuletzt bearbeitet 05.11.2024 17:06:41
The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vu...
CVE-2024-10327
- EPSS 0.1%
- Veröffentlicht 24.10.2024 21:15:11
- Zuletzt bearbeitet 25.10.2024 12:56:07
A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a us...
CVE-2024-7061
- EPSS 0.13%
- Veröffentlicht 07.08.2024 17:15:52
- Zuletzt bearbeitet 28.08.2024 18:25:38
Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater.
CVE-2024-0980
- EPSS 0.08%
- Veröffentlicht 28.03.2024 00:15:07
- Zuletzt bearbeitet 21.11.2024 08:47:56
The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code.