Catonetworks Cato Client — known CVE vulnerabilities
Every CVE whose affected-product data names Catonetworks Cato Client, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-6975 — CVSS 8.8 (high): Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34.
CVE-2024-6974 — CVSS 8.8 (high): Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34.
CVE-2025-3886 — CVSS 8.1 (high): An issue in CatoNetworks CatoClient before v.5.8.0 allows attackers to escalate privileges and achieve a race condition (TOCTOU) via the…
CVE-2023-43976 — CVSS 8.1 (high): An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and winning the race condition (TOCTOU) via the…
CVE-2024-6973 — CVSS 7.5 (high): Remote Code Execution in Cato Windows SDP client via crafted URLs. This issue affects Windows SDP Client before 5.10.34.
CVE-2024-6977 — CVSS 6.5 (medium): A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive information into the log file, which can lead to…
CVE-2024-6978 — CVSS 5.6 (medium): Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users.This issue affects SDP Client: before…