Paragonsec

**Name of the Vulnerable Software and Affected Versions** Expedition Migration Tool versions 1.0.106 and earlier **Description** The issue is related to weaknesses in the authentication procedure of the Expedition Migration Tool. This can allow a remote attacker to gain access to protected information. An unauthenticated attacker may be able to enumerate files on the operating system. **Recommendations** For versions 1.0.106 and earlier, update to a version that addresses the authentication weaknesses to prevent unauthorized access and file enumeration. As a temporary workaround, consider restricting access to the Expedition Migration Tool to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cisco Umbrella Enterprise Roaming Client (ERC) (affected versions not specified) **Description** A vulnerability exists due to improper implementation of file system permissions, allowing non-administrative users to place files within restricted directories. An authenticated, local attacker could exploit this by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges. The attacker must authenticate with valid local user credentials to exploit the issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Umbrella Enterprise Roaming Client (ERC) (affected versions not specified) **Description** A vulnerability exists due to improper implementation of file system permissions, allowing non-administrative users to place files within restricted directories. An authenticated, local attacker could exploit this by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges. The attacker must authenticate with valid local user credentials to exploit the issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware NSX SD-WAN Edge by VeloCloud versions prior to 3.1.0 **Description** The local web UI component of the software contains a command injection issue. This component is disabled by default and should not be enabled on untrusted networks. The vendor plans to remove this service from the product in future releases. Successful exploitation could result in remote code execution. **Recommendations** For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue. As a temporary workaround, consider keeping the local web UI component disabled, especially on untrusted networks, until a patch is applied.