{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-3334","assignerOrgId":"df4dee71-de3a-4139-9588-11b62fe6c0ff","state":"PUBLISHED","assignerShortName":"Fortra","dateReserved":"2024-04-04T17:41:13.489Z","datePublished":"2024-11-15T19:57:28.245Z","dateUpdated":"2024-11-15T21:11:54.745Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["RME"],"platforms":["Windows"],"product":"Digital Guardian Agent","vendor":"Fortra","versions":[{"lessThanOrEqual":"8.1.0","status":"affected","version":"7.9.4","versionType":"semverCWE-693: Protection Mechanism Failure"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data.<br><br><p><br></p>"}],"value":"A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data."}],"impacts":[{"capecId":"CAPEC-554","descriptions":[{"lang":"en","value":"CAPEC-554 Functionality Bypass"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"PHYSICAL","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-922","description":"CWE-922 Insecure Storage of Sensitive Information","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"df4dee71-de3a-4139-9588-11b62fe6c0ff","shortName":"Fortra","dateUpdated":"2024-11-15T19:57:28.245Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.fortra.com/security/advisories/product-security/fi-2024-013"},{"tags":["vendor-advisory"],"url":"https://support.fortra.com/endpoint-dlp/kb-articles/dg-support-notice-security-bypass-vulnerability-with-rme-MTQwYTM5NTctZDk4Ny1lZjExLWFjMjEtNjA0NWJkMDFhMzQ3"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div>There are two things required to remediate the bypass:</div><div>1. Upgrade the Windows Agent to version 8.2.0 or above.</div><div>2. Apply a new RME rule. For additional details, please see this <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.fortra.com/endpoint-dlp/kb-articles/dg-support-notice-security-bypass-vulnerability-with-rme-MTQwYTM5NTctZDk4Ny1lZjExLWFjMjEtNjA0NWJkMDFhMzQ3\">knowledge base article</a>.</div>"}],"value":"There are two things required to remediate the bypass:\n\n1. Upgrade the Windows Agent to version 8.2.0 or above.\n\n2. Apply a new RME rule. For additional details, please see this  knowledge base article https://support.fortra.com/endpoint-dlp/kb-articles/dg-support-notice-security-bypass-vulnerability-with-rme-MTQwYTM5NTctZDk4Ny1lZjExLWFjMjEtNjA0NWJkMDFhMzQ3 ."}],"source":{"discovery":"UNKNOWN"},"title":"USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-11-15T21:11:37.124030Z","id":"CVE-2024-3334","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-15T21:11:54.745Z"}}]}}