CVE-2024-39613 Information

Description

Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user’s machine to cause remote code execution on that machine.

Reference

https://mattermost.com/security-updates