Insider Threat: Bypass Temporary Fix Can Be Circumvented
CVE-2024-0313

5.5MEDIUM

Key Information:

Vendor: Skyhigh
Status: Skyhigh Client Proxy
Vendor: CVE Published:; 14 March 2024

What is CVE-2024-0313?

A malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrary, if the victim is legitimately using the temporary bypass to reach out to the Internet for retrieving application and system updates, a remote device could target it and undo the bypass, thereby denying the victim access to the update service, causing it to fail.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Skyhigh Client Proxy Windows 4.8.1

References

https://kcm.trellix.com/corporate/index?page=content&id=S...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 14, 2024
Vulnerability Reserved
Jan 8, 2024

Credit

Winston Ho (@violenttestpen)

JSON

Skyhigh

What is CVE-2024-0313?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.