Cato Client - Account Takeover Via Sensitive Log Data (CVE-2024-6977)
The Cato Client was found to store authentication data within the trace logs generated by the desktop client during SSO authentication.
As part of a recent client engagement, we conducted a product assessment of the Cato Client.
Cato Networks describe the Cato client as “The Cato Client is a lightweight agent that provides secure zero-trust access to resources everywhere – on the Internet, SaaS, and Cloud or in your private data center.”
During this assessment, we discovered several significant vulnerabilities that could be exploited by attackers to compromise end-user devices.
The most critical of these issues could allow an attacker to gain full administrative control of a user’s device simply by having the user visit a malicious web page.
Between April 26th and 30th, 2024, we reported the following vulnerabilities to Cato Networks:
AmberWolf worked with Cato through a period of re-testing to ensure that the issues were resolved prior to the release of this blog and set of advisories. AmberWolf verified the fix resolved the issue before distribution.
Using Cato’s automated update feature, the majority of customer endpoints were patched within one week once the fix had been verified, with the remainder notified that an update was required.
For further information, please see the Cato website at: https://securityadvisories.catonetworks.com