ГлавнаяУязвимости → CVE-2023-50159
8.8высокая

CVE-2023-50159

Описание

In ScaleFusion (Windows Desktop App) agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode.

Затрагиваемое ПО
Scalefusion Scalefusion
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agenthttps://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agenthttps://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59