VYPR

Okta Verify for Windows

by Okta

CVEs (2)

  • CVE-2024-9191Nov 1, 2024
    risk 0.00cvss epss 0.00

    The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered…

  • CVE-2024-7061Aug 7, 2024
    risk 0.00cvss epss 0.00

    Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater.