Faronics
Products
3- 2 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-36497 | Cri | 0.59 | 9.1 | 0.00 | Jun 24, 2024 | The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely. | ||
| CVE-2024-1618 | Hig | 0.51 | 7.8 | 0.00 | Mar 12, 2024 | A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the… | ||
| CVE-2024-36495 | Hig | 0.50 | 7.7 | 0.00 | Jun 24, 2024 | The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect… | ||
| CVE-2024-8159 | Med | 0.42 | 6.4 | 0.00 | Oct 3, 2024 | Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver. | ||
| CVE-2014-2382 | 0.00 | — | 0.00 | Nov 20, 2014 | The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the… |
- risk 0.59cvss 9.1epss 0.00
The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely.
- risk 0.51cvss 7.8epss 0.00
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the…
- risk 0.50cvss 7.7epss 0.00
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect…
- risk 0.42cvss 6.4epss 0.00
Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver.
- CVE-2014-2382Nov 20, 2014risk 0.00cvss —epss 0.00
The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the…