VYPR

SanDisk PrivateAccess

by Westerndigital

CVEs (2)

  • CVE-2024-22167HigMar 13, 2024
    risk 0.51cvss 7.9epss 0.00

    A potential DLL hijacking vulnerability in the SanDisk PrivateAccess application for Windows that could lead to arbitrary code execution in the context of the system user. This vulnerability is only exploitable locally if an attacker has access to a copy of the user's vault or…

  • CVE-2023-22812Mar 24, 2023
    risk 0.00cvss epss 0.00

    SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols which are susceptible to man-in-the-middle attacks thereby compromising confidentiality and integrity of data.