Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker (with appropriate privileges) so that specific file types are excluded from encryption temporarily. (This modification can, however, be detected, as described in the Administrator Guide.)
AnalysisAI
Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker (with appropriate privileges) so that specific file types are excluded from encryption temporarily. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker (with appropriate privileges) so that specific file types are excluded from encryption temporarily. (This modification can, however, be detected, as described in the Administrator Guide.) Affected products include: Primx Zonecentral. Version information: through 2023.5.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Zonecentral
View allBy default, .ZED containers produced by PRIMX ZED!. Rated high severity (CVSS 7.5), this vulnerability is remotely explo
ZED containers produced by PRIMX ZED!. Rated medium severity (CVSS 5.5), this vulnerability is no authentication require
Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission) or ZONECENTR
ZED containers produced by PRIMX ZED!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no
Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANS
PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. Rated medium severity (CVSS 4.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today