AmberWolf Research

Skeleton Cookie: Breaking into Safeguard with CVE-2024-45488

Join us as we reveal how CVE-2024-45488 can let attackers gain access to your corporate password vault and uncover hidden secrets of Microsoft DPAPI.

Read Article

One Identity SafeGuard for Privileged Passwords - Authentication Bypass (CVE-2024-45488)

SafeGuard for Privileged Passwords (SPP) virtual appliance images contain a hard-coded cryptographic key (CWE-321). An attacker can exploit this key …

Read Article

AmberWolf Uncovers Critical Vulnerabilities in Cato Client

As part of a recent client engagement, we conducted a product assessment of the Cato Client. During this assessment, we discovered significant …

Read Article

Cato Client - Account Takeover Via Sensitive Log Data (CVE-2024-6977)

The Cato Client was found to store authentication data within the trace logs generated by the desktop client during SSO authentication.

Read Article

Cato Client - Local Privilege Escalation via OpenSSL Configuration File (CVE-2024-6975)

The OpenSSL implementation in the winvpnclient.cli.exe service executable is configured to load an openssl.cnf file from a location that does not …

Read Article

Cato Client - Local Privilege Escalation via Self-Upgrade (CVE-2024-6974)

The Cato Client was found to use an insecure temporary folder for downloading and processing updates.

Read Article