Vulnerabilities > CVE-2024-3461 - Improper Restriction of Excessive Authentication Attempts vulnerability in Kioware

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
kioware
CWE-307
NVD
Published: 2024-05-14
Updated: 2025-02-12

Summary

KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.

Vulnerable Configurations

Part Description Count
Application
Kioware
33

Common Weakness Enumeration (CWE)

References