Insecure Update Validation in Akeo Consulting Rufus Prior to Version 2.17.1187

CVE-2017-13083 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code

Learn more about our User Device Pen Test.