CVE-2024-42013 Information

Description

In GRAU DATA Blocky before 3.1 Blocky-Gui has a Client-Side Enforcement of Server-Side Security vulnerability. An attacker with Windows administrative or debugging privileges can patch a binary in memory or on disk to bypass the password login requirement and gain full access to all functions of the program.

Reference

https://www.blockyforveeam.com/en/security-bulletin-2024-06-25/ https://www.graudata.com/en/products/protection-against-ransomware/blocky-for-veeam/