CVE-2017-3222

Name of the Vulnerable Software and Affected Versions AmosConnect version 8

Description The issue is related to hard-coded credentials in the AmosConnect Task Manager, allowing remote attackers to gain full administrative privileges. This includes the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges. The exploitation of this issue can enable an attacker to obtain full administrative privileges and execute arbitrary commands on the host platform.

Recommendations For AmosConnect version 8, consider disabling the Task Manager feature until a patch is available to prevent exploitation. Restrict access to the AmosConnect Task Manager to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.