CVE-2024-46622
Published: 06 January 2025
Description
An Escalation of Privilege security vulnerability was found in SecureAge Security Suite software 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8.0.x before 8.0.18, and 8.1.x before 8.1.18 that allows arbitrary file creation, modification and deletion.
Security Summary
CVE-2024-46622 is an Escalation of Privilege vulnerability (CWE-281) in SecureAge Security Suite software, affecting versions 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8.0.x before 8.0.18, and 8.1.x before 8.1.18. The flaw enables arbitrary file creation, modification, and deletion on affected systems. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), which classifies it as critical: it is reachable over the network, has low attack complexity, and requires neither privileges nor user interaction.
Remote attackers require no authentication or special privileges to exploit this vulnerability over the network. Successful exploitation results in privilege escalation: the attacker can create, modify, or delete arbitrary files, which can lead to full system compromise with high impact on confidentiality, integrity, and availability.
Vendor advisories provide mitigation guidance, with patches available in SecureAge Security Suite versions 7.0.38, 7.1.11, 8.0.18, and 8.1.18. Additional details are documented on the SecureAge website at https://www.secureage.com/ and in their blog post at https://www.secureage.com/blog/resolved-escalation-of-privilege.
Details
- CWE(s)