Code injection

2023-12-1321:15:00

PRIOn knowledge base

www.prio-n.com

zed

primx

code injection

windows

linux

mac

vulnerability

network access

unauthenticated attacker

anssi

zonecentral

zedmail

zedfree

zedpro

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

22.1%

JSON

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger network access to an attacker-controlled computer when opened by the victim.

CPENameOperatorVersion
zed\\!eq< q.2020.3
zed\\!ge2023.0
zed\\!lt2023.5
zed\\!eq>= q.2021.0 AND < q.2021.2
zed\\!lt2023.5
zed\\!lt2023.5
zed\\!lt2023.5
zed\\!lt2023.5
zed\\!lt2023.5
zed\\!lt2023.5

Name	Operator	Version
zed\\!	eq	< q.2020.3
zed\\!	ge	2023.0
zed\\!	lt	2023.5
zed\\!	eq	>= q.2021.0 AND < q.2021.2
zed\\!	lt	2023.5
zed\\!	lt	2023.5
zed\\!	lt	2023.5
zed\\!	lt	2023.5
zed\\!	lt	2023.5
zed\\!	lt	2023.5