Okta Verify for Windows vulnerable to arbitrary code execution flaws
CVE-2024-0980

Currently unrated

Key Information:

Vendor: Okta
Status: Okta Verify For Windows
Vendor: CVE Published:; 28 March 2024

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-0980?

The CVE-2024-0980 vulnerability in Okta Verify for Windows is a significant flaw that allows for arbitrary code execution, posing a potential threat to affected systems. This vulnerability has been exploited in the wild, making it particularly concerning. The impact of this flaw is severe as it can be used to execute arbitrary code, and the software vendor Okta has not specified any known ransomware groups exploiting this vulnerability.

Affected Version(s)

Okta Verify for Windows 0 < 4.10.7

News Articles

Securifera

CVE-2024-0980

BLOG

BLOGb0yd2022-08-12T20:52:23+00:00 Okta Verify for Windows Remote Code Execution – CVE-2024-0980 Gallery Okta Verify for...

References

https://trust.okta.com/security-advisories/okta-verify-wi...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by Securifera
May 5, 2024
👾
Exploit known to exist
May 2, 2024
Vulnerability published
Mar 28, 2024

Credit

Okta would like to thank Ryan Wincey of Securifera, Inc. for providing information in addressing this vulnerability.