Vulnerabilities

CVE-2024-12838

by Fred · 31/12/2024

The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators.

More information : https://www.twcert.org.tw/en/cp-139-8333-32cf8-2.html

Similar

Tags: Cybersecurity Alert