CVE-2024-6592
published 2024-09-25CVE-2024-6592: Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the…
PriorityP258critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
1.05%
59.9th percentile
Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| watchguard | authentication_gateway | <= 12.10.2 | — |
| watchguard | single_sign-on_client | <= 12.5.4 | — |
| watchguard | single_sign-on_client | <= 12.7 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-09-25
Published