Path Interception Vulnerability in RSA Authentication Agent for Windows
CVE-2024-47856
9.8 CRITICAL
What is CVE-2024-47856?
A path interception vulnerability exists in RSA Authentication Agent versions prior to 7.4.7, where service paths and shortcut paths are susceptible to exploitation. This occurs when the file paths contain spaces and are not enclosed in quotation marks, allowing an attacker to position an executable file in a higher directory level. Consequently, when the RSA Authentication Agent attempts to resolve the executable, it may inadvertently execute the attacker's file instead of the intended one, leading to unauthorized actions.
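
An audit check for the condition described above, as an added example that is not RSA's code: it flags unquoted executable paths that contain spaces, lists the earlier locations Windows would try so they can be inspected for unexpected files, and emits the quoted form. The function names and sample entries are constructed for illustration and are not taken from the RSA product.

```python
import re

# Extensions treated as the end of the executable path (assumption for this check).
_EXE_END = re.compile(r"^(.*?\.(?:exe|com|bat|cmd))(?=\s|$)", re.IGNORECASE)


def split_executable(command_line):
    """Return (executable_path, is_quoted) for a service ImagePath or shortcut target."""
    text = command_line.strip()
    if text.startswith('"'):
        end = text.find('"', 1)
        return (text[1:end] if end != -1 else text[1:]), True
    match = _EXE_END.match(text)
    # No recognizable extension: keep the whole string so nothing is under-reported.
    return (match.group(1) if match else text), False


def earlier_candidates(path):
    """Paths Windows tries before the intended one when an unquoted path has spaces."""
    found = []
    for i, ch in enumerate(path):
        if ch == " ":
            prefix = path[:i]
            last = prefix.rsplit("\\", 1)[-1]
            found.append(prefix if "." in last else prefix + ".exe")
    return found


def audit(name, command_line):
    """Return a finding dict for a vulnerable entry, or None if it is safe."""
    path, quoted = split_executable(command_line)
    if quoted or " " not in path:
        return None
    args = command_line.strip()[len(path):]
    return {"name": name, "inspect": earlier_candidates(path),
            "fixed": f'"{path}"{args}'}


# Constructed sample entries (hypothetical names and paths).
SAMPLES = {
    "ExampleAgent": r"C:\Program Files\Example Vendor\Agent\agent_svc.exe --run",
    "QuotedAgent": r'"C:\Program Files\Example Vendor\Agent\agent_svc.exe" --run',
    "NoSpaces": r"C:\Windows\System32\svchost.exe -k netsvcs",
}


def run_audit(entries=SAMPLES):
    return [f for f in (audit(n, c) for n, c in entries.items()) if f]
```

Feed it the ImagePath values of installed services or the targets of shortcuts, with environment variables expanded first; any path in `inspect` that exists on disk deserves investigation.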
