CVE-2024-50307

Published Oct 28, 2024

Last updated 20 days ago

CVSS medium 5.5

Overview

Description
Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed on the device that runs Chatwork Desktop Application (Windows).
Source
vultures@jpcert.or.jp
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.5
Impact score
3.4
Exploitability score
2.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Severity
MEDIUM

CVSS 3.0

Type
Secondary
Base score
5.5
Impact score
3.4
Exploitability score
2.1
Vector string
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Severity
MEDIUM

Weaknesses

vultures@jpcert.or.jp
CWE-676

Social media

Hype score
Not currently trending

  1. CVE-2024-50307 Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the… https://t.co/lC0RmpAdUv

    @CVEnew

    28 Oct 2024

    780 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References