PT-2020-10288 · Ixp · Ixp Easyinstall

Published: 2020-01-23 · Updated: 2021-07-21 · CVE-2019-19895

CVSS v3.1: 8.8 (High)

Vector: AC:L/AV:L/A:H/C:H/I:H/PR:L/S:C/UI:N

Name of the Vulnerable Software and Affected Versions

IXP EasyInstall version 6.2.13723

Description

The issue allows for lateral movement using the Agent Service against other users on a client system. An authenticated attacker can modify the EveryLogon.bat file located at %SYSTEMDRIVE%IXPSW[PACKAGE CODE] to achieve this movement and execute code in the context of other users.

Recommendations

For IXP EasyInstall version 6.2.13723, consider restricting access to the EveryLogon.bat file to prevent unauthorized modifications until a patch is available. Additionally, monitor system activity for suspicious modifications to this file.
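
One way to verify the access restriction recommended above, as an added example (not code from IXP or from this advisory): it lists ACL entries that let principals outside a trusted set change a file or folder. The function name `Get-RiskyWriteAce`, the trusted-SID list and the placeholder path are assumptions.

```powershell
# Added example: report Allow entries that grant write-type access to
# principals other than a trusted set (assumed: SYSTEM and Administrators).
function Get-RiskyWriteAce {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Assumption: only these SIDs should be able to modify the script.
        [string[]] $TrustedSids = @('S-1-5-18', 'S-1-5-32-544')
    )

    # Specific rights that allow changing content or taking over the object.
    $rights = [System.Security.AccessControl.FileSystemRights]
    $writeMask = [int]($rights::WriteData -bor $rights::AppendData -bor
                       $rights::ChangePermissions -bor $rights::TakeOwnership)
    # GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) can appear
    # unmapped on inheritable directory entries, so test for them as well.
    $writeMask = $writeMask -bor 0x50000000

    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }

        # Compare by SID so localized or renamed group names do not matter.
        try {
            $sid = $ace.IdentityReference.Translate(
                [System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            $sid = $ace.IdentityReference.Value   # unresolvable account
        }
        if ($TrustedSids -contains $sid) { continue }

        [pscustomobject]@{
            Path      = $Path
            Identity  = $ace.IdentityReference.Value
            Sid       = $sid
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

# Placeholder path: substitute the package folder of the local installation.
# Check the folder too, since write access there allows replacing the file.
# $script = '<PACKAGE FOLDER>\EveryLogon.bat'
# Get-RiskyWriteAce -Path $script
# Get-RiskyWriteAce -Path (Split-Path -Parent $script)
```

Any row returned names a principal that can alter the script other users run; an empty result means only the trusted SIDs hold write-type access on that object.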

Exploit

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2019-19895

Affected Products

Ixp Easyinstall