Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-7824

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3.

Published

2024-10-03T17:15:14.913

Last Modified

2024-10-30T13:50:18.053

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:C/I:N/A:C

Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.4

Impact Score

9.2

Weaknesses

Type: Secondary
CWE-843
Type: Primary
CWE-843

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	webroot	secureanywhere_web_shield	< 2.1.2.3	Yes

References

https://answers.webroot.com/Webroot/ukp.aspx?pid=12&app=vw&vw=1&login=1&json=1&solutionid=4275 Vendor Advisory ([email protected])