AmberWolf Uncovers Critical Vulnerabilities in Cato Client
As part of a recent client engagement, we conducted a product assessment of the Cato Client. During this assessment, we discovered significant …
Read ArticleAs part of a recent client engagement, we conducted a product assessment of the Cato Client. During this assessment, we discovered significant …
Read ArticleThe Cato Client was found to store authentication data within the trace logs generated by the desktop client during SSO authentication.
Read ArticleThe OpenSSL implementation in the winvpnclient.cli.exe service executable is configured to load an openssl.cnf file from a location that does not …
Read ArticleThe Cato Client was found to use an insecure temporary folder for downloading and processing updates.
Read ArticleThe web service used during the Cato SSO authentication flow was found to contain an Open Redirect issue, which could allow a remote attacker to …
Read ArticleThe Cato Client suffers from a Remote Code Execution vulnerability which could be triggered via a URL handler, or via requests to the local webserver.
Read ArticleThe Cato Client allows a low-privileged, local user to install arbitrary Root CA Certificates in the computer’s certificate store.
Read Article