CRITICAL🇵🇱 Wersja polska

CVE-2024-46622

CVSS 9.8v3.1pub. 2025-01-06upd. 2026-04-15

An Escalation of Privilege security vulnerability was found in SecureAge Security Suite software 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8.0.x before 8.0.18, and 8.1.x before 8.1.18 that allows arbitrary file creation, modification and deletion.

🤖 AI Analysis
How it works

The vulnerability classified as CWE-281 (Improper Preservation of Permissions) results from improper handling of file permissions in SecureAge Security Suite software. An attacker, without the need to possess authentication or user interaction, can exploit this bug to manipulate the file system with elevated privileges. The network vector (AV:N) and lack of prerequisites (PR:N, UI:N) make the vulnerability particularly dangerous and easy to exploit remotely.

Impact

An attacker can arbitrarily create, modify, and delete files in the operating system, which in practice can lead to complete system takeover, data destruction, or installation of malicious software.

Mitigation & patch

SecureAge Security Suite software should be updated to version 7.0.38 or later (in the 7.0.x branch), 7.1.11 or later (in the 7.1.x branch), 8.0.18 or later (in the 8.0.x branch), or 8.1.18 or later (in the 8.1.x branch). Details are available in the official manufacturer's statement at secureage.com/blog/resolved-escalation-of-privilege.

Who is affected

SecureAge Security Suite in versions: 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8.0.x before 8.0.18, and 8.1.x before 8.1.18

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References