Saved Uninstall Key in Digital Guardian Agent Uninstaller

CVE-2023-6253

6MEDIUM

Key Information

Vendor: Fortra
Status: Digital Guardian Agent
Vendor: CVE Published:; 22 November 2023

Summary

A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller key from the memory of the uninstaller file.

Affected Version(s)

Digital Guardian Agent < 7.9.4

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability Reserved.
Nov 22, 2023
Vulnerability published.
Nov 22, 2023

Collectors

NVD DatabaseMitre Database

Credit

J. Kruchem (SEC Consult Vulnerability Lab)

B. Gründling (SEC Consult Vulnerability Lab)

D. Hirschberger (SEC Consult Vulnerability Lab)