AmberWolf Uncovers Critical Vulnerabilities in Cato Client

Introduction

As part of a recent client engagement, we conducted a product assessment of the Cato Client.

Cato Networks describes the product as follows: “The Cato Client is a lightweight agent that provides secure zero-trust access to resources everywhere – on the Internet, SaaS, and Cloud or in your private data center.”

During this assessment, we discovered significant vulnerabilities that could be exploited by attackers to compromise end-user devices.

The most critical of these issues could allow an attacker to gain full administrative control of a user’s device simply by having the user visit a malicious web page.

Vulnerabilities Discovered

Between April 26th and 30th, 2024, we reported the following vulnerabilities to Cato Networks:

Collaboration and Resolution

AmberWolf worked with Cato through a period of re-testing to ensure that the issues were resolved prior to the release of this blog post and its accompanying advisories. AmberWolf verified that the fix resolved the issues before distribution.

Using Cato’s automated update feature, the majority of customer endpoints were patched within one week of the fix being verified, and the remaining customers were notified that an update was required.

For further information, please see the Cato website at: https://securityadvisories.catonetworks.com

Disclosure Timeline

  • 26/04/2024 - First set of issues disclosed to Cato
  • 30/04/2024 - Second set of issues disclosed to Cato
  • 10/05/2024 - Patches issued for retesting
  • 15/05/2024 - Patch feedback provided
  • 03/06/2024 - Automated patching begins and notifications sent to customers

About AmberWolf

Trusted by leaders, empowering organisations

We empower businesses by providing critical insight into the tradecraft and tactics used by today’s threat actors. Our insight enables leaders to make better decisions about their defences and how to efficiently prepare for the worst, conversant all the way from the server room to the boardroom.

We seek to change the way offensive security and attack simulation is planned and consumed, as it’s not just about narrative and validation. We translate adversarial capability into defensive tradecraft, increasing your operational resilience.

For more information about our services and how we can help safeguard your business, visit AmberWolf.
