Vulnerabilities > CVE-2023-50441 - Unspecified vulnerability in Primx Zonecentral 6.1.2240

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

primx

NVD

Published: 2023-12-13

Updated: 2023-12-20

Summary

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission) or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which folders are opened.

Vulnerable Configurations

Part	Description	Count
Application	Primx Primx Zonecentral * Primx Zonecentral 6.1.2240	2

References

https://www.primx.eu/fr/blog/
https://www.primx.eu/en/bulletins/security-bulletin-23B3093A/