SecureKit Steganography 1.7.1 and 1.8 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing the last 20 bytes of the JPEG image with alternate password information.

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

• S1 – Steal Customer Account Information

EPSS

Score: 0.01218
Percentile: 0.78172

CVSS Scoring

Affected Products

• cpe:2.3:a:securekit:securekit_steganography:1.7.1:*:*:*:*:*:*:*
• cpe:2.3:a:securekit:securekit_steganography:1.8:*:*:*:*:*:*:*

← Back to Home