CVE-2024-36495 Information

Description

The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an encrypted file on the file system which \Everyone\ has read and write access to path to file:

C:\ProgramData\WINSelect\WINSelect.wsd

The path for the affected WINSelect Enterprise configuration file is:

C:\ProgramData\Faronics\StorageSpace\WS\WINSelect.wsd

Reference

https://r.sec-consult.com/winselect https://www.faronics.com/en-uk/document-library/document/winselect-standard-release-notes