CVE-2024-7825

CRITICAL

Webroot Secureanywhere Web Shield < 2.1.2.3 - Type Confusion

Title source: rule

Description

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3.

References (1)

[Vendor Advisory] https://answers.webroot.com/Webroot/ukp.aspx?pid=12&app=vw&vw=1&login=1&json=1&solutionid=4275

Scores

CVSS v3 9.8

EPSS 0.0035

EPSS Percentile 57.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-843

Status published

Products (1)

webroot/secureanywhere_web_shield < 2.1.2.3

Published Oct 03, 2024

Tracked Since Feb 18, 2026