MEDIUM🇵🇱 Wersja polska

CVE-2024-3461

CVSS 6.2v3.1pub. 2024-05-14upd. 2025-02-12

KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Kioware

    APP
    Kioware
    ≤ 8.35
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-3459HIGH8.4ten sam produkt

KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, whi...

CVE-2024-3460HIGH7.4ten sam produkt

In KioWare for Windows (versions all through 8.34) it is possible to exit this software and use other already ...

CVE-2023-34641HIGH7.8ten sam produkt

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog ...

CVE-2023-34642HIGH7.8ten sam produkt

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog ...

CVE-2022-44875MEDIUM5.4ten sam produkt

KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which...