{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3502", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "state": "PUBLISHED", "assignerShortName": "checkpoint", "dateReserved": "2026-03-03T21:18:35.221Z", "datePublished": "2026-03-30T18:05:42.806Z", "dateUpdated": "2026-04-02T22:20:23.819Z"}, "containers": {"cna": {"affected": [{"product": "TrueConf Client", "vendor": "TrueConf", "versions": [{"status": "affected", "version": "TrueConf Client versions 8.1.0 through 8.5.2"}]}], "title": "TrueConf Client Update Integrity Verification Bypass", "descriptions": [{"lang": "en", "value": "TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-494", "description": "CWE-494: Download of Code Without Integrity Check.", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2026-03-30T18:05:42.806Z"}, "references": [{"url": "https://trueconf.com/blog/update/trueconf-8-5"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "LOW", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L"}}]}, "adp": [{"references": [{"url": "https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/", "tags": ["third-party-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3502", "tags": ["government-resource"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T17:04:21.451016Z", "id": "CVE-2026-3502", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2026-04-02", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3502"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T22:20:23.819Z"}, "timeline": [{"time": "2026-04-02T00:00:00.000Z", "lang": "en", "value": "CVE-2026-3502 added to CISA KEV"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3502", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-02T17:04:21.451016Z"}}}], "references": [{"url": "https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/", "tags": ["third-party-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3502", "tags": ["government-resource"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T14:28:12.261Z"}}], "cna": {"title": "TrueConf Client Update Integrity Verification Bypass", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "TrueConf", "product": "TrueConf Client", "versions": [{"status": "affected", "version": "TrueConf Client versions 8.1.0 through 8.5.2"}]}], "references": [{"url": "https://trueconf.com/blog/update/trueconf-8-5"}], "descriptions": [{"lang": "en", "value": "TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-494", "description": "CWE-494: Download of Code Without Integrity Check."}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2026-03-30T18:05:42.806Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3502", "state": "PUBLISHED", "dateUpdated": "2026-04-02T17:05:00.317Z", "dateReserved": "2026-03-03T21:18:35.221Z", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "datePublished": "2026-03-30T18:05:42.806Z", "assignerShortName": "checkpoint"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user."}, {"lang": "es", "value": "TrueConf Client descarga c\u00f3digo de actualizaci\u00f3n de la aplicaci\u00f3n y lo aplica sin realizar verificaci\u00f3n. Un atacante que es capaz de influir en la ruta de entrega de la actualizaci\u00f3n puede sustituir una carga \u00fatil de actualizaci\u00f3n manipulada. Si la carga \u00fatil es ejecutada o instalada por el actualizador, esto puede resultar en ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del proceso de actualizaci\u00f3n o del usuario."}], "id": "CVE-2026-3502", "lastModified": "2026-04-02T18:16:34.867", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 6.0, "source": "cve@checkpoint.com", "type": "Secondary"}]}, "published": "2026-03-30T19:16:27.053", "references": [{"source": "cve@checkpoint.com", "url": "https://trueconf.com/blog/update/trueconf-8-5"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3502"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-494"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-03-30T20:52:20.371797+00:00", "value": {"mitigation_remediation": ["Upgrade TrueConf Client to version 8.5 or later, which introduces integrity verification for updates.", "Ensure that any update downloads originate from the official TrueConf domain and that TLS certificate validation is enforced, blocking access to unauthorised update servers.", "If an immediate patch cannot be applied, disable automatic updates to prevent the installation of unverified packages."], "summary": {"action": "Patch Now", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "All installations of TrueConf Client that use the automatic update mechanism are potentially impacted. The CNA identifies the product as TrueConf Client, but no particular versions are excluded or specifically listed; consequently, any release prior to the integrity\u2011checking update is at risk.", "description_and_impact": "The TrueConf Client retrieves update files from a specified source and installs them without performing integrity checks such as cryptographic signatures or checksums. Because no verification is performed, a malicious payload supplied on the update path can be executed during installation, giving the attacker arbitrary code execution privileges in the context of the updater or the end user. This behaviour is consistent with CWE\u2011494, which relates to the exploitation of insecure data.", "risk_and_exploitability": "The CVSS score of 7.8 places the vulnerability in the high\u2011severity range. The description states that the attacker only needs to influence the update delivery path; the CVE does not specify the precise method, but control of that path would enable a malicious update to be downloaded and executed. No user interaction is required beyond this influence. While an EPSS score is unavailable and the vulnerability is not catalogued in CISA\u2019s KEV, the vendor has released fixes that address the underlying issue."}}}}, "created": "2026-03-30T20:55:16.791494+00:00", "updated": "2026-03-30T20:55:16.791528+00:00", "vendors": []}