Description

TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

INFO

Published Date :

2026-03-30T18:05:42.806Z

Last Modified :

2026-04-03T03:55:23.638Z

Source :

checkpoint
AFFECTED PRODUCTS

The following products are affected by CVE-2026-3502 vulnerability.

Vendors Products
Trueconf
  • Trueconf
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-3502.

URL Resource
https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/ cve-icon cve-icon
https://trueconf.com/blog/update/trueconf-8-5 cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3502 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact