PT-2026-5577 · Deepinstinct+1 · Deep Instinct Windows Agent+1
Oscar Flores
·
Publicado
2026-02-01
·
Atualizado
2026-02-01
·
CVE-2020-37047
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Deep Instinct Windows Agent version 1.2.29.0
Description
The Deep Instinct Windows Agent version 1.2.29.0 has an issue with an unquoted service path in the
DeepMgmtService. This allows local users to potentially run code with higher privileges. An attacker can exploit the unquoted path at C:Program FilesHP Sure SenseDeepMgmtService.exe to inject malicious code. This code would then run with LocalSystem permissions when the service starts.Recommendations
Ensure the service path for
DeepMgmtService is enclosed in quotes.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Deep Instinct Windows Agent
Hp Sure Sense