Description
The embedded Chromium browser in the Windows Cato Client is vulnerable to an open redirect attack through the catoias:// URI scheme, which the Client's embedded browser uses. This might be exploited for phishing.
Severity
The CVSSv4 score is 4.3 (Medium).
What Changes Do I Need to Make?
Use the SDP User Dashboard to identify users with Windows Client versions below X [COMPLETE]. Make sure they upgrade to the newest Windows Client version so that they receive the most recent security patches and enhancements.
What is the Impact on the Account?
If you don’t upgrade to Windows Client X [COMPLETE] or higher, devices with lower versions will be vulnerable. To the best of our knowledge, none of these issues has been exploited in the wild.
Who Do I Talk to If I Have Questions?
Please contact Support.