CVE-2023-50440
Description
An unauthenticated attacker can modify a ZED container to include a UNC reference, which triggers network access and potential credential theft when the victim opens the file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated attacker can modify a ZED container to include a UNC reference, which triggers network access and potential credential theft when the victim opens the file.
Vulnerability
CVE-2023-50440 affects ZED containers produced by multiple PRIMX products, including ZED! for Windows, Mac, Linux (before 2023.5), ZONECENTRAL for Windows (before Q.2021.2 or 2023.5), ZEDMAIL for Windows (before 2023.5), ZEDFREE for Windows, Mac, Linux (before 2023.5), and ZEDPRO for Windows, Mac, Linux (before 2023.5). The vulnerability allows an unauthenticated attacker to modify a ZED container to include a UNC (Universal Naming Convention) reference. When the victim opens the compromised container, the application will attempt network access to the attacker-controlled computer [2].
Exploitation
An attacker needs no authentication or user interaction to craft a malicious ZED container—only the ability to modify an existing container file or supply a new one to a victim. The attack requires that the victim opens the modified container with an affected version of the software. The application then processes the embedded UNC reference, initiating an outbound SMB connection to the attacker's machine. No special network position is required beyond delivering the container to the target (e.g., via email, download, or shared storage) [1][2].
Impact
When the victim opens the malicious container, the network access triggered by the UNC reference can cause the victim's system to automatically attempt authentication with the attacker's server. This can lead to the disclosure of the user's credentials (e.g., NTLM challenge/response hashes), which the attacker could then reuse or crack. The impact is a compromise of confidentiality (credential theft) and potentially integrity/availability if credentials are leveraged for further access. The CVSS base score is 7.5 (HIGH) [2].
Mitigation
Users should upgrade to a fixed version: for ZED! Enterprise for Windows, versions Q.2020.3, Q.2021.2 (both validated by ANSSI) or 2023.5; for ZED! Enterprise for Linux/macOS and ZEDPRO/FREE for all platforms, version 2023.5 or later; for ZONECENTRAL for Windows, version Q.2021.2 or 2023.5; and for ZEDMAIL for Windows, version 2023.5. No workaround is publicly documented; as a general precaution, avoid opening ZED containers from untrusted sources [2].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- PRIMX/ZED!description
- Range: < Q.2020.3
- Range: < Q.2021.2
- Range: < Q.2021.2
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
2News mentions
0No linked articles in our index yet.