Denial of Service Vulnerability in WatchGuard Single Sign-On Client for Windows
CVE-2024-6594

7.5HIGH

Key Information:

Vendor: Watchguard
Status: Single Sign-on Client
Vendor: CVE Published:; 25 September 2024

What is CVE-2024-6594?

The WatchGuard Single Sign-On Client for Windows is vulnerable due to improper handling of exceptional conditions, allowing an attacker with network access to exploit this issue. By repeatedly sending malformed commands, the attacker can trigger a crash in the client, resulting in a denial of service condition for the Single Sign-On service. This vulnerability affects versions of the client up to 12.7, emphasizing the importance of patching and securing systems against unauthorized access.

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2024

Watchguard

What is CVE-2024-6594?

References

CVSS V3.1

Timeline