CVE-2023-50439

Summary

CVE-2023-50439 is a cyber vulnerability that affects ZED containers produced by PRIMX ZED! for Windows. The affected versions include ZED! for Windows before Q.2020.3, ZED! for Windows before Q.2021.2, ZONECENTRAL for Windows before Q.2021.2, ZONECENTRAL for Windows before 2023.5, and ZEDMAIL for Windows before 2023.5. This vulnerability allows an unauthenticated attacker to obtain certain information about the context of use, such as the project name, by disclosing the original path in which the containers were created. The risk score is 25, and the base severity is medium according to NIST's National Vulnerability Database (NVD). The exploitability score is 3.9 out of 10, indicating a moderate level of difficulty for exploitation. The confidentiality impact is low, and no privileges are required to exploit this vulnerability. It has a network attack vector and does not require any user interaction or affect integrity or availability. To remediate this vulnerability, organizations should update their PRIMX ZED! products to versions Q.2020.3 or later for ZED! for Windows and versions Q.2021.2 or later for ZONECENTRAL and ZEDMAIL for Windows. This vulnerability poses a potential danger to organizations using the affected PRIMX ZED! products as it allows unauthorized access to information about the containers' context of use. While the confidentiality impact is low, it can still provide valuable insights to attackers about projects and potentially aid in further exploitation or targeted attacks against the organization's infrastructure or sensitive data

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.