CVE-2023-50159

Published: Jan 11, 2024

Modified: Jun 17, 2025

PUBLISHED

Description

In ScaleFusion (Windows Desktop App) agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59

https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6

https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agent

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-50159

Description

Affected Products

References