Local Privilege Escalation Vulnerability in Cato Networks Windows SDP Client
CVE-2024-6978
8.8HIGH
What is CVE-2024-6978?
A significant vulnerability has been identified in the Cato Networks Windows SDP Client, where low-privileged users can install local root certificates without sufficient access controls. This flaw poses a serious risk, as it allows malicious users to undermine the integrity of secure communications and potentially intercept sensitive data. Affected versions include all Windows SDP Client versions released before 5.10.28. It is crucial for organizations using this product to promptly update to the latest version to mitigate the risk of exploitation.
Affected Version(s)
SDP Client Windows 0 < 5.10.34
