37 matches found
CVE-2025-6183 Configd Injection
The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could potentially modify macOS system configuration by crafting a malicious JSON message...
CVE-2025-6183 Configd Injection
The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could potentially modify macOS system configuration by crafting a malicious JSON message...
CVE-2025-6182 Root Certificate Injection
The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones...
CVE-2025-6182 Root Certificate Injection
The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones...
CVE-2025-6181
The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could potentially exploit this leading to privilege escalation...
CVE-2025-6181
The CVE-2025-6181 affects the StrongDM Windows service, where input validation is incorrectly handled. The root cause is input validation failures that could allow an authenticated local attacker to escalate privileges. The CVSSv4 vector indicates a HIGH-severity, local attack with low complexity...
CVE-2025-6180 Authentication Hijack
The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition...
CVE-2025-6180 Authentication Hijack
The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition...
CVE-2025-6180
CVE-2025-6180 affects StrongDM Client. The issue is insufficient protection of a pre-authentication token, allowing interception and reuse via a race condition that could potentially redeem valid authentication credentials. The impact is described as token-level exposure with elevated risk to con...
PT-2025-34123 · Strongdm · Strongdm Client
Name of the Vulnerable Software and Affected Versions: StrongDM Client affected versions not specified Description: The StrongDM Client did not adequately protect a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication...
StrongDM Client 安全漏洞
StrongDM Client is a client software from StrongDM, Inc. A security vulnerability exists in StrongDM Client that stems from improper handling of input validation, which could lead to elevation of privilege...
PT-2025-34124 · Strongdm · Strongdm
Name of the Vulnerable Software and Affected Versions: StrongDM versions affected versions not specified Description: The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could potentially exploit this issue, leading to privilege escalation. Recommendations: ...
PT-2025-34126 · Strongdm · Strongdm Macos Client
Name of the Vulnerable Software and Affected Versions: StrongDM macOS client affected versions not specified Description: The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could potentially modify macOS system configuration by crafting a malicious JSON message...
StrongDM Client 安全漏洞
StrongDM Client is a client software from StrongDM, Inc. A security vulnerability exists in StrongDM Client that stems from improper handling of JSON formatted messages, which could result in modification of the system configuration...
PT-2025-34125
Name of the Vulnerable Software and Affected Versions: StrongDM versions affected versions not specified Description: The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificat...
StrongDM Client 安全漏洞
StrongDM Client is a client software from StrongDM, Inc. A security vulnerability exists in StrongDM Client that stems from insufficient protection of pre-authenticated tokens, which could lead to interception and reuse of tokens...
StrongDM Client 安全漏洞
StrongDM Client is a client software from StrongDM, Inc. A security vulnerability exists in StrongDM Client that stems from improper handling of system certificate management communications that could result in the installation of an untrusted root certificate or the removal of a trusted...