Vulnerabilities > CVE-2023-50643 - Unspecified vulnerability in Evernote 10.68.2

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

evernote

critical

NVD

Published: 2024-01-09

Updated: 2024-02-16

Summary

An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components.

Vulnerable Configurations

Part	Description	Count
Application	Evernote Evernote Evernote 10.68.2	1

References

http://evernote.com
https://github.com/V3x0r/CVE-2023-50643
https://www.electronjs.org/blog/statement-run-as-node-cves