CVE-2024-3334

MEDIUM

Digital Guardian <8.2.0 - Auth Bypass

Title source: llm

Description

A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data.

References (2)

[Vendor Advisory] https://www.fortra.com/security/advisories/product-security/fi-2024-013

[Various Sources] https://support.fortra.com/endpoint-dlp/kb-articles/dg-support-notice-security-bypass-vulnerability-with-rme-MTQwYTM5NTctZDk4Ny1lZjExLWFjMjEtNjA0NWJkMDFhMzQ3

Scores

CVSS v3 4.3

EPSS 0.0004

EPSS Percentile 12.7%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-922

Status published

Products (1)

Fortra/Digital Guardian Agent 7.9.4 - 8.1.0

Published Nov 15, 2024

Tracked Since Feb 18, 2026