Catchpulse
Monthly
Information disclosure in SecureAge CatchPulse (versions up to 10.9.1) is triggered through an improperly secured IOCTL handler within the saappctl.sys kernel-mode driver, allowing a low-privileged local user to extract sensitive data from the driver's memory space. A public proof-of-concept exploit exists per VulDB reporting, increasing the likelihood of opportunistic local use - particularly as a reconnaissance step within a broader privilege escalation chain. No vendor patch has been issued and the vendor did not respond to coordinated disclosure, leaving all installations of affected versions unmitigated.
Information disclosure in SecureAge CatchPulse (versions up to 10.9.1) is triggered through an improperly secured IOCTL handler within the saappctl.sys kernel-mode driver, allowing a low-privileged local user to extract sensitive data from the driver's memory space. A public proof-of-concept exploit exists per VulDB reporting, increasing the likelihood of opportunistic local use - particularly as a reconnaissance step within a broader privilege escalation chain. No vendor patch has been issued and the vendor did not respond to coordinated disclosure, leaving all installations of affected versions unmitigated.