Denis Faiustov

**Name of the Vulnerable Software and Affected Versions** Windows COM (affected versions not specified) **Description** The acceptance of extraneous untrusted data combined with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JP1/IT Desktop Management 2 - Manager versions 13-50 through 13-50-01 JP1/IT Desktop Management 2 - Manager versions 13-11 through 13-11-03 JP1/IT Desktop Management 2 - Manager versions 13-10 through 13-10-06 JP1/IT Desktop Management 2 - Manager versions 13-01 through 13-01-06 JP1/IT Desktop Management 2 - Manager versions 13-00 through 13-00-04 JP1/IT Desktop Management 2 - Manager versions 12-60 through 12-60-11 JP1/IT Desktop Management 2 - Manager versions 10-50 through 12-50-11 JP1/IT Desktop Management 2 - Operations Director versions 13-50 through 13-50-01 JP1/IT Desktop Management 2 - Operations Director versions 13-11 through 13-11-03 JP1/IT Desktop Management 2 - Operations Director versions 13-10 through 13-10-06 JP1/IT Desktop Management 2 - Operations Director versions 13-01 through 13-01-06 JP1/IT Desktop Management 2 - Operations Director versions 13-00 through 13-00-04 JP1/IT Desktop Management 2 - Operations Director versions 12-60 through 12-60-11 JP1/IT Desktop Management 2 - Operations Director versions 10-50 through 12-50-11 Job Management Partner 1/IT Desktop Management 2 - Manager versions 10-50 through 10-50-11 JP1/IT Desktop Management - Manager versions 09-50 through 10-10-16 Job Management Partner 1/IT Desktop Management - Manager versions 09-50 through 10-10-16 JP1/NETM/DM Manager versions 09-00 through 10-20-02 JP1/NETM/DM Client versions 09-00 through 10-20-02 Job Management Partner 1/Software Distribution Manager versions 09-00 through 09-51-13 Job Management Partner 1/Software Distribution Client versions 09-00 through 09-51-13 **Description** A buffer overflow issue exists in several JP1 and Job Management Partner 1 components on Windows. A buffer overflow occurs when a program writes more data to a block of memory, or buffer, than the buffer is allowed to hold. **Recommendations** Update JP1/IT Desktop Management 2 - Manager to version 13-50-02, 13-11-04, 13-10-07, 13-01-07, 13-00-05, or 12-60-12 depending on the current version. Update JP1/IT Desktop Management 2 - Operations Director to version 13-50-02, 13-11-04, 13-10-07, 13-01-07, 13-00-05, or 12-60-12 depending on the current version. At the moment, there is no information about a newer version that contains a fix for Job Management Partner 1/IT Desktop Management 2 - Manager, JP1/IT Desktop Management - Manager, Job Management Partner 1/IT Desktop Management - Manager, JP1/NETM/DM Manager, JP1/NETM/DM Client, Job Management Partner 1/Software Distribution Manager, and Job Management Partner 1/Software Distribution Client.

**Name of the Vulnerable Software and Affected Versions** JP1/IT Desktop Management 2 - Manager versions 13-50 through 13-50-01 JP1/IT Desktop Management 2 - Manager versions 13-11 through 13-11-03 JP1/IT Desktop Management 2 - Manager versions 13-10 through 13-10-06 JP1/IT Desktop Management 2 - Manager versions 13-01 through 13-01-06 JP1/IT Desktop Management 2 - Manager versions 13-00 through 13-00-04 JP1/IT Desktop Management 2 - Manager versions 12-60 through 12-60-11 JP1/IT Desktop Management 2 - Manager versions 10-50 through 12-50-11 JP1/IT Desktop Management 2 - Operations Director versions 13-50 through 13-50-01 JP1/IT Desktop Management 2 - Operations Director versions 13-11 through 13-11-03 JP1/IT Desktop Management 2 - Operations Director versions 13-10 through 13-10-06 JP1/IT Desktop Management 2 - Operations Director versions 13-01 through 13-01-06 JP1/IT Desktop Management 2 - Operations Director versions 13-00 through 13-00-04 JP1/IT Desktop Management 2 - Operations Director versions 12-60 through 12-60-11 JP1/IT Desktop Management 2 - Operations Director versions 10-50 through 12-50-11 Job Management Partner 1/IT Desktop Management 2 - Manager versions 10-50 through 10-50-11 JP1/IT Desktop Management - Manager versions 09-50 through 10-10-16 Job Management Partner 1/IT Desktop Management - Manager versions 09-50 through 10-10-16 JP1/NETM/DM Manager versions 09-00 through 10-20-02 JP1/NETM/DM Client versions 09-00 through 10-20-02 Job Management Partner 1/Software Distribution Manager versions 09-00 through 09-51-13 Job Management Partner 1/Software Distribution Client versions 09-00 through 09-51-13 **Description** Remote Code Execution issue affecting multiple JP1 and Job Management Partner 1 components on Windows. **Recommendations** Update JP1/IT Desktop Management 2 - Manager to version 13-50-02, 13-11-04, 13-10-07, 13-01-07, 13-00-05, or 12-60-12 depending on the current version. Update JP1/IT Desktop Management 2 - Operations Director to version 13-50-02, 13-11-04, 13-10-07, 13-01-07, 13-00-05, or 12-60-12 depending on the current version. At the moment, there is no information about a newer version that contains a fix for Job Management Partner 1/IT Desktop Management 2 - Manager, JP1/IT Desktop Management - Manager, Job Management Partner 1/IT Desktop Management - Manager, JP1/NETM/DM Manager, JP1/NETM/DM Client, Job Management Partner 1/Software Distribution Manager, and Job Management Partner 1/Software Distribution Client.

**Name of the Vulnerable Software and Affected Versions** Lanscope Endpoint Manager (On-Premises) versions prior to 9.4.7.4 **Description** A path traversal issue exists in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server. This could allow an attacker to modify files and execute code on a vulnerable system. The vulnerability affects the Sub-Manager Server component. **Recommendations** Update Lanscope Endpoint Manager (On-Premises) to version 9.4.7.4 or later.

**Name of the Vulnerable Software and Affected Versions** Windows Error Reporting versions prior to January 2026 **Description** Improper handling of permissions in the Windows Error Reporting (WER) service allows an authorized local attacker to elevate privileges to NT AUTHORITYSYSTEM. The issue exists in the ALPC (Advanced Local Procedure Call) interface, which is a high-speed messaging system for local inter-process communication. Specifically, the service publishes the ALPC port 'WindowsErrorReportingService' but fails to perform authorization checks on callers within the `CWerService::SvcElevatedLaunch()` function. A low-privileged user can connect to this port and send a crafted message containing a handle to shared memory with an arbitrary command line. The service then processes this request and launches `WerFault.exe` or `WerMgr.exe` using a SYSTEM token, executing the attacker-controlled command. **Recommendations** Apply the Microsoft January 2026 updates to resolve this issue. As a temporary workaround, restrict access to the vulnerable ALPC port 'WindowsErrorReportingService' to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0a and earlier Description: An issue exists where files or directories are accessible to external parties. Exploitation may allow a remote, unauthenticated attacker to access uploaded files and SS1 configuration files. Recommendations: Update SS1 to a version later than 16.0.0.10. Update SS1 Media to a version later than 16.0.0a.

Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0.a and earlier Description: An improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists. A remote authenticated attacker may overwrite legitimate files by exploiting this issue. Recommendations: Update SS1 to a version later than 16.0.0.10. Update SS1 Media to a version later than 16.0.0.a.

Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0a and earlier Description: SS1 versions 16.0.0.10 and earlier (Media version: 16.0.0a and earlier) allow a remote, unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges. Recommendations: Update SS1 to a version later than 16.0.0.10. Update SS1 Media to a version later than 16.0.0a.

**Name of the Vulnerable Software and Affected Versions** SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0a and earlier **Description** SS1 versions 16.0.0.10 and earlier (Media version 16.0.0a and earlier) allow a remote, unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0a and earlier Description: An inadequate encryption strength issue exists that may allow a remote, unauthenticated attacker to access a function requiring authentication. Recommendations: Update SS1 to a version later than 16.0.0.10. Update SS1 Media to a version later than 16.0.0a.

**Name of the Vulnerable Software and Affected Versions** SKYSEA Client View versions 3.013.00 through 19.210.04e **Description** The issue allows an arbitrary process to be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed. This is due to an origin validation error. **Recommendations** For versions 3.013.00 through 19.210.04e, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SKYSEA Client View versions 6.010.06 through 19.210.04e **Description** The issue allows for incorrect privilege assignment. If a user with login access to the PC where the Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege. **Recommendations** For versions 6.010.06 through 19.210.04e, consider restricting access to the specific folder where the DLL file can be placed to minimize the risk of exploitation. As a temporary workaround, monitor the folder for any suspicious DLL files and remove them immediately. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks GlobalProtect App (affected versions not specified) **Description** A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs. The issue is related to the exposure of information through log files, which can be exploited by a remote attacker to obtain encrypted user credentials. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2 **Description** An improper access control issue exists in the resident process of SKYSEA Client View. This issue can be exploited to execute an arbitrary process with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed. **Recommendations** For SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2, update to version Ver.19.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office (affected versions not specified) **Description** The issue is related to insufficient access control in Microsoft Office, which can be exploited to elevate privileges in the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper access control vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to bypass access restriction and download an arbitrary file of the directory where the product runs. As a result of exploiting this vulnerability with CVE-2023-22336 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.

🚨 CVE-2023-22344 Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to obtain the password of the debug tool and execute it. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22336 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device. 🎖@cveNotify

Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to upload a specially crafted file to an arbitrary directory. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.

**Name of the Vulnerable Software and Affected Versions** Azure App Service on Azure Stack Hub (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in Azure App Service on Azure Stack Hub. It is associated with access control errors. Exploitation of the vulnerability could allow a remote attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Credential Manager (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Credential Manager user interface, which can be exploited to elevate privileges. This could allow an attacker to affect the system. No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.