PT-2019-8775 · Avecto · Avecto Defendpoint

Publicado

2019-04-17

Atualizado

2020-12-29

CVE-2018-10959

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Avecto Defendpoint versions 4 prior to 4.4 SR6 Avecto Defendpoint versions 5 prior to 5.1 SR1

Description The issue is related to an Untrusted Search Path, which can be exploited by modifying environment variables. This allows an attacker to trigger automatic elevation of their process launch.

Recommendations For Avecto Defendpoint version 4, update to version 4.4 SR6 or later. For Avecto Defendpoint version 5, update to version 5.1 SR1 or later.

Correção

Untrusted Search Path

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-426

Identificadores relacionados

CVE-2018-10959

Produtos afetados

Avecto Defendpoint

PT-2019-8775 · Avecto · Avecto Defendpoint

CVE-2018-10959

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8