CVE-2024-12310

Published: Jul 23, 2025

Modified: Jul 23, 2025

PUBLISHED

Description

A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows bypassing the login screen of the shared kiosk workstation and allows unauthorized access to the underlying Windows system through the already logged-in autologon account due to insufficient handling of keyboard shortcuts. This issue affects Imprivata Enterprise Access Management versions 5.3 through 24.2.

Vendor	Product	Versions
Imprivata	Enterprise Access Management	affected `5.3 - <= 24.2`

Weaknesses (CWE)

CWE-287

References

https://www.redguard.ch/blog/2025/07/23/cve-2024-12310-imprivata-bypass-of-login-screen/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-12310

Description

Affected Products

Weaknesses (CWE)

References