CVE - CVE-2024-3460

CVE-ID
CVE-2024-3460	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In KioWare for Windows (versions all through 8.34) it is possible to exit this software and use other already opened applications utilizing a short time window before the forced automatic logout occurs. Then, by using some built-in function of these applications, one may launch any other programs. In order to exploit this vulnerability external applications must be left running when the KioWare software is launched. Additionally, an attacker must know the PIN set for this Kioware instance and also slow down the application with some specific task which extends the usable time window.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://cert.pl/en/posts/2024/04/CVE-2024-3459 URL:https://cert.pl/en/posts/2024/04/CVE-2024-3459 MISC:https://cert.pl/posts/2024/04/CVE-2024-3459 URL:https://cert.pl/posts/2024/04/CVE-2024-3459 MISC:https://www.kioware.com/ URL:https://www.kioware.com/
Assigning CNA
CERT.PL
Date Record Created
20240408	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240408)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)