CVE-2023-6336

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 16, 2024

Updated: Jan 23, 2024

CWE ID 59

Summary

CVE-2023-6336 is a vulnerability affecting HYPR Workforce Access on MacOS. It involves an improper link resolution issue, also known as 'Link Following'. This issue permits user-controlled filename manipulation before file access. An attacker could exploit this flaw to trick users into opening malicious files, leading to potential security risks. The vulnerability affects versions of HYPR Workforce Access prior to 8.7.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Hypr Workforce Access

Affected Vendors

Hypr Corp.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tliYuB
https://www.cve.org/CVERecord?id=CVE-2023-6336
https://nvd.nist.gov/vuln/detail/CVE-2023-6336

Back to Vulnerability Database