Design/Logic Flaw

2023-12-1320:15:00

PRIOn knowledge base

www.prio-n.com

design flaw

logic flaw

encrypted folders

windows

anssi qualification

outbound network traffic

nvd

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

22.1%

JSON

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission) or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which folders are opened.

CPENameOperatorVersion
zonecentralge2023.0
zonecentrallt2023.5
zonecentraleq< q.2021.2

Name	Operator	Version
zonecentral	ge	2023.0
zonecentral	lt	2023.5
zonecentral	eq	< q.2021.2

References

www.primx.eu/en/bulletins/security-bulletin-23B3093A/

www.primx.eu/fr/blog/