CVE-2024-47856 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not…
Critical CVSS: 9.8

CVE-2024-47856

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve that executable instead of the intended executable.
Vendor
Rsa
Product
Authentication Agent For Windows
CWE
CWE-23
Yayın Tarihi
2025-11-24 22:15:46
Güncelleme
2025-12-30 17:25:32
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-23 Authentication Agent For Windows CRITICAL Rsa 2025

Referanslar

https://community.rsa.com/s/article/RSA-2024-13-RSA-Authentication-Agent-for-Microsoft-Windows-Security-Update https://community.rsa.com/s/product-download/a9G4u000000mCOYEAU/rsa-authentication-agent-747-for-microsoft-windows