Vulnerability Description
A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller key from the memory of the uninstaller file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortra | Digital Guardian Agent | < 7.9.4 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/175956/Fortra-Digital-Guardian-Agent-UninstExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2023/Nov/14ExploitMailing ListThird Party Advisory
- https://r.sec-consult.com/fortraExploitThird Party Advisory
- https://www.fortra.com/securityProduct
- http://packetstormsecurity.com/files/175956/Fortra-Digital-Guardian-Agent-UninstExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2023/Nov/14ExploitMailing ListThird Party Advisory
- https://r.sec-consult.com/fortraExploitThird Party Advisory
- https://www.fortra.com/securityProduct
FAQ
What is CVE-2023-6253?
CVE-2023-6253 is a vulnerability with a CVSS score of 6.0 (MEDIUM). A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller k...
How severe is CVE-2023-6253?
CVE-2023-6253 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-6253?
Check the references section above for vendor advisories and patch information. Affected products include: Fortra Digital Guardian Agent.