Dawson Medin

**Name of the Vulnerable Software and Affected Versions** Netskope client service versions prior to R96 **Description** The issue is related to a synchronization error when using a shared resource, which can be exploited by a malicious local user to elevate privileges. The Netskope client service runs as NT AUTHORITYSYSTEM and writes log files to a writable directory for a standard user. A race condition is created when the service restarts, allowing a malicious user to create a file and set ACL permissions. This can make all files within the directory modifiable by an unprivileged user, and by using Windows pseudo-symlink, these files can be pointed to other places in the system, enabling malicious users to elevate privileges. **Recommendations** For versions prior to R96, consider disabling the logplaceholder file until a patch is available to prevent exploitation of the race condition. Restrict access to the C:UsersPublic etSkope directory to minimize the risk of exploitation. Avoid using Windows pseudo-symlink on the affected files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Rapid7 Insight Agent, versões 3.0.1 a 3.1.2.34 **Descrição** O problema consiste em uma escalada de privilégios local devido a um caminho de pesquisa de DLLs não controlado. Quando o software é iniciado, o interpretador Python tenta carregar o `python3.dll` em um local que normalmente é gravável por usuários autenticados localmente. Isso permite que um usuário local mal-intencionado obtenha privilégios de SISTEMA. **Recomendações** Para as versões 3.0.1 a 3.1.2.34, atualize para a versão 3.1.2.35 para resolver o problema.