CVE-2024-3334— USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0

CVSS 4.3 · Medium EPSS 0.04% · P13 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-3334

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0

Source: NVD (National Vulnerability Database)

Vulnerability Description

A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

敏感信息的不安全存储

Source: NVD (National Vulnerability Database)

Vulnerability Title

Digital Guardian Agent 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Digital Guardian Agent是美国Digital Guardian公司的一个广泛应用于云环境的数据保护平台。可发现、分类和控制跨端点、网络和云的数据移动。 Digital Guardian Agent 8.2.0之前版本存在安全漏洞，该漏洞源于存在可移动媒体加密组件的安全绕过，允许用户通过修改USB设备上的元数据来绕过加密控制，从而危及存储数据的机密性。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Fortra	Digital Guardian Agent	7.9.4 ~ 8.1.0	-

II. Public POCs for CVE-2024-3334

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-3334

请登录查看更多情报信息。

Fortra Support Portalvendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-3334

IV. Related Vulnerabilities

Same product: Digital Guardian Agent

CVE-2023-6253
Saved Uninstall Key in Digital Guardian Agent Uninstaller

Same vendor: Fortra

Same weakness: CWE-922

V. Comments for CVE-2024-3334

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-3334— USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0

I. Basic Information for CVE-2024-3334

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-3334

III. Intelligence Information for CVE-2024-3334

IV. Related Vulnerabilities

V. Comments for CVE-2024-3334

Leave a comment