Joona Hoikkala

**Name of the Vulnerable Software and Affected Versions** FreshService macOS Agent versions < 4.4.0 FreshService Linux Agent versions < 3.4.0 **Description** The issue allows for TLS Man-in-The-Middle attacks via the FreshAgent client and scheduled update service. **Recommendations** For FreshService macOS Agent versions < 4.4.0, update to version 4.4.0 or later. For FreshService Linux Agent versions < 3.4.0, update to version 3.4.0 or later.

**Name of the Vulnerable Software and Affected Versions** FreshService Windows Agent versions prior to 2.11.0 FreshService macOS Agent versions prior to 4.2.0 FreshService Linux Agent versions prior to 3.3.0 **Description** The issue is related to broken integrity checking via the FreshAgent client and scheduled update service. **Recommendations** For FreshService Windows Agent versions prior to 2.11.0, update to version 2.11.0 or later. For FreshService macOS Agent versions prior to 4.2.0, update to version 4.2.0 or later. For FreshService Linux Agent versions prior to 3.3.0, update to version 3.3.0 or later.