CVE-2016-9485

Name of the Vulnerable Software and Affected Versions SecureConnector agent (affected versions not specified)

Description The issue concerns the SecureConnector agent's handling of downloaded files. When the agent downloads plugin scripts and executables from the CounterACT management appliance, it fails to set any permissions on these files. This allows a malicious user to take ownership of the files, modify them, and then have them executed under SYSTEM privileges. A malicious unprivileged user can overwrite the executable files with malicious code before the SecureConnector agent executes them, resulting in the malicious code being run under the SYSTEM account.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.