Link Following Vulnerability Affects File Manipulation in HYPR Workforce Access on MacOS
CVE-2024-0068

7.1HIGH

Key Information:

Vendor: Hypr
Status: Workforce Access
Vendor: CVE Published:; 29 February 2024

What is CVE-2024-0068?

An improper link resolution vulnerability exists in HYPR Workforce Access for MacOS that permits unauthorized file manipulation. This flaw allows an attacker to resolve links improperly, leading to potential security breaches and exploitation of sensitive files. The issue impacts versions of Workforce Access prior to 8.7.1, necessitating updates to safeguard against potential threats. Users are advised to check their software version and implement the latest security measures promptly.

Affected Version(s)

Workforce Access MacOS 0 < 8.7.1

References

https://www.hypr.com/trust-center/security-advisories

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 29, 2024
Vulnerability Reserved
Nov 27, 2023

Hypr

What is CVE-2024-0068?

Affected Version(s)

References

CVSS V3.1

Timeline