CVE-2023-1705

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 29, 2024

Updated: Feb 8, 2024

CWE ID 862

Summary

CVE-2023-1705 is a critical vulnerability affecting the Forcepoint F|One SmartEdge Agent on Windows. The issue lies in the bgAutoinstaller service modules, which have a missing authorization control. An attacker can exploit this vulnerability to gain privilege escalation and bypass functionality, potentially compromising the system. This issue poses a significant risk and affects versions of F|One SmartEdge Agent prior to 1.7.0.230330-554. It is strongly recommended that users update to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r_Xy2e
https://www.cve.org/CVERecord?id=CVE-2023-1705
https://nvd.nist.gov/vuln/detail/CVE-2023-1705

Back to Vulnerability Database

CVE-2023-1705

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations