Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,CWE-345,CWE-347,CWE-494,CWE-494,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rufus_project | rufus | * |