CVE-2023-1705

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Jan 29, 2024
Updated: Feb 8, 2024
CWE ID 862

Summary

CVE-2023-1705 is a Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows (bgAutoinstaller service modules) that allows Privilege Escalation and Functionality Bypass. This vulnerability affects F|One SmartEdge Agent versions before 1.7.0.230330-554. The risk score for this vulnerability is 26, with a base severity of HIGH and a base score of 8.4. The exploitability score is 2.0, indicating a relatively low level of difficulty for exploitation. The attack vector is LOCAL, requiring low privileges, and no user interaction is necessary. The integrity impact is HIGH, while the confidentiality impact is NONE. The availability impact is HIGH as well, posing a significant danger to organizations using the affected product. It is advised to apply the necessary patches or updates provided by Forcepoint to remediate this vulnerability and prevent potential privilege escalation attacks and functionality bypasses.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-1705 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options