CVE-2024-46462: n/a
By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZEDMAIL has to be modified to prevent this vulnerability.
AI Analysis
Technical Summary
CVE-2024-46462 is a vulnerability identified in ZEDMAIL for Windows versions up to 2024.3, involving improper access control on dedicated folders used by the application. By default, these folders are accessible by other users on the same system, which allows an attacker with local access to misuse technical files stored within these folders. Such misuse can lead to the execution of tasks with higher privileges than the attacker normally possesses, effectively enabling privilege escalation. The root cause is a permissions misconfiguration consistent with CWE-276 (Incorrect Default Permissions). The vulnerability has a CVSS v3.1 score of 7.8, indicating high severity, with an attack vector limited to local access (AV:L), high attack complexity (AC:H), no privileges required (PR:N), and no user interaction (UI:N). The scope is changed (S:C), meaning the vulnerability affects resources beyond the initially vulnerable component. The impact is high on confidentiality and availability, but no impact on integrity is noted. No patches or exploits are currently publicly available, but the vulnerability requires immediate attention due to the potential for privilege escalation and service disruption. The recommended mitigation involves modifying ZEDMAIL's configuration to restrict access permissions on these dedicated folders, preventing unauthorized users from accessing or manipulating the technical files.
Potential Impact
The vulnerability allows unauthorized local users to access and misuse technical files within ZEDMAIL's dedicated folders, potentially executing tasks with elevated privileges. This can lead to unauthorized disclosure of sensitive information (confidentiality impact) and denial of service or disruption of ZEDMAIL's functionality (availability impact). The lack of required privileges or user interaction lowers the barrier for exploitation by any local user, increasing risk in multi-user environments. Organizations relying on ZEDMAIL for secure communications may face increased risk of internal threat actors or compromised accounts escalating privileges, undermining security controls. The scope change indicates that the impact extends beyond the initially vulnerable component, potentially affecting other system components or data. Although no known exploits exist yet, the high CVSS score and nature of the vulnerability suggest that attackers could develop exploits, especially in environments where multiple users share the same system. This could result in significant operational disruption and data exposure.
Mitigation Recommendations
1. Immediately review and modify the configuration of ZEDMAIL on all Windows systems to restrict access permissions on dedicated folders, ensuring only authorized users and processes have access.
2. Implement strict NTFS permissions on the affected folders to prevent unauthorized read, write, or execute access by other users.
3. Conduct regular audits of folder permissions and access logs to detect any unauthorized access attempts.
4. Limit the number of users with local access to systems running ZEDMAIL, especially in shared or multi-user environments.
5. Employ application whitelisting and endpoint protection solutions to monitor and block unauthorized execution of technical files.
6. Educate system administrators and users about the risks of local privilege escalation and the importance of maintaining proper access controls.
7. Monitor vendor communications for patches or updates addressing this vulnerability and apply them promptly once available.
8. Consider isolating ZEDMAIL installations in dedicated virtual machines or containers to reduce the attack surface.
9. Implement least privilege principles for all users and services interacting with ZEDMAIL to minimize potential exploitation impact.
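The permission audit in recommendations 2 and 3 can be scripted. The following PowerShell is an added example, not code from the vendor or from the CVE record; the function name `Find-BroadFolderAccess` is hypothetical, and the folder path must be supplied by the administrator because this page does not name ZEDMAIL's dedicated folders.

```powershell
# Added example: list Allow ACEs that grant broad groups access to a folder tree.
# Assumption: "other users" is modelled as the well-known groups below.
function Find-BroadFolderAccess {
    param([Parameter(Mandatory)][string]$Path)

    # Locale-independent SIDs: Everyone, Authenticated Users, INTERACTIVE, BUILTIN\Users
    $broadSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-4', 'S-1-5-32-545'

    # Rights that allow planting or altering files, plus the raw
    # GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) bits,
    # which Get-Acl can return unmapped.
    $writeMask = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    $genericMask = 0x50000000

    $items = @(Get-Item -LiteralPath $Path -Force) +
             @(Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue)

    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        foreach ($rule in $acl.Access) {
            if ($rule.AccessControlType -ne 'Allow') { continue }
            try {
                $sid = $rule.IdentityReference.Translate(
                    [System.Security.Principal.SecurityIdentifier]).Value
            } catch { continue }   # account cannot be resolved to a SID; skip it
            if ($sid -notin $broadSids) { continue }

            $rights = [int]$rule.FileSystemRights
            [pscustomobject]@{
                Path      = $item.FullName
                Principal = $rule.IdentityReference.Value
                Rights    = $rule.FileSystemRights
                CanModify = [bool](($rights -band $writeMask) -or ($rights -band $genericMask))
                Inherited = $rule.IsInherited
            }
        }
    }
}

# Placeholder path; replace with the folders configured for ZEDMAIL on the host.
# Find-BroadFolderAccess -Path 'C:\PLACEHOLDER\ZedmailFolder' | Format-Table -AutoSize
```

Rows with `Inherited` set to `True` come from a parent folder's ACL, so the fix belongs on the parent or requires disabling inheritance on the dedicated folder.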
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, Canada, Australia, Netherlands, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-09-11T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6cfeb7ef31ef0b56ac71
Added to database: 2/25/2026, 9:43:26 PM
Last enriched: 2/28/2026, 7:22:55 AM
Last updated: 4/12/2026, 3:40:56 PM