High-Privilege Service Account Vulnerability in Global Wisdom Software's ANCHOR
CVE-2024-12902

8.4HIGH

Key Information:

Vendor: Global Wisdom Software
Status: Anchor
Vendor: CVE Published:; 23 December 2024

🔔 Create Global Wisdom Software Vulnerability Alert

What is CVE-2024-12902?

Global Wisdom Software's ANCHOR, which operates on a Windows virtual machine, is susceptible to vulnerabilities associated with high-privilege service accounts. When these accounts retain default passwords, there is a significant risk that attackers could effectively gain remote access to the machine using the unaltered credentials. It is critical for organizations utilizing this product to audit service account passwords and implement robust security measures to mitigate the risk of unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ANCHOR 2.5.* < 2.5.9.5

ANCHOR 2.7.* < 2.7.2.4

References

https://www.twcert.org.tw/tw/cp-132-8314-983c9-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-8315-e6069-2.html

third-party-advisory

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 23, 2024
Vulnerability Reserved
Dec 23, 2024

JSON

Global Wisdom Software

What is CVE-2024-12902?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.