CVE-2024-52378 is an Absolute Path Traversal vulnerability found in labs64 DigiPass versions up to and including 0.3.0. The vulnerability arises due to improper limitation of pathname inputs, allowing attackers to traverse directories and access files outside the intended restricted directory. This flaw can be exploited by crafting malicious requests that manipulate file path parameters, bypassing security controls that should confine file access to specific directories. DigiPass is a security product used primarily for authentication and identity verification, making the vulnerability particularly concerning as it could expose sensitive authentication data or configuration files. Although no known exploits have been reported in the wild, the vulnerability's nature allows an attacker to potentially read arbitrary files on the system, which could lead to information disclosure, credential theft, or further exploitation. The vulnerability does not require user interaction but does require the attacker to have network access to the vulnerable DigiPass service. No CVSS score has been assigned yet, and no official patches have been published at the time of this report. The vulnerability highlights the importance of proper input validation and directory access controls in security-critical software components.

The primary impact of CVE-2024-52378 is unauthorized disclosure of sensitive files due to path traversal, which can compromise confidentiality and integrity of the affected systems. Attackers exploiting this vulnerability could access configuration files, authentication credentials, or other sensitive data stored on the system, potentially leading to account compromise or further lateral movement within an organization’s network. For organizations relying on DigiPass for authentication, this could undermine trust in their security infrastructure and expose them to identity theft or unauthorized access. The availability impact is generally low unless the attacker uses the vulnerability as a foothold for further attacks that disrupt services. The scope of affected systems is limited to those running vulnerable versions of DigiPass, but given the critical role of authentication systems, the impact on affected organizations can be severe. The lack of known exploits currently reduces immediate risk, but the vulnerability should be treated with urgency due to the ease of exploitation and potential for significant damage.

Organizations should immediately audit their DigiPass deployments to identify if they are running vulnerable versions (up to 0.3.0). Until an official patch is released, implement strict input validation and sanitization on all file path parameters to prevent directory traversal sequences such as '../'. Employ web application firewalls (WAFs) or intrusion prevention systems (IPS) with rules designed to detect and block path traversal attempts targeting DigiPass endpoints. Restrict network access to DigiPass services to trusted internal networks or VPNs to reduce exposure. Monitor logs for unusual file access patterns or attempts to access restricted directories. Engage with labs64 for updates on patches or security advisories and apply them promptly once available. Consider isolating DigiPass components in hardened environments with minimal file system permissions to limit the impact of any successful exploitation. Conduct regular security assessments and penetration tests focusing on path traversal and input validation vulnerabilities.