Vulnerability: Unauthorized Modification of Encrypted Disks to Trigger Outbound Network Traffic

Vulnerability: Unauthorized Modification of Encrypted Disks to Trigger Outbound Network Traffic

CVE-2023-50443 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 (ANSSI qualification submission) or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are opened.

Learn more about our Network Penetration Testing.