PT-2020-14517 · Riverbed · Steelcentral Aternity Agent

Published 2020-07-27 · Updated 2020-07-30 · CVE-2020-15592

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions

SteelCentral Aternity Agent versions prior to 11.0.0.120

Description

The issue allows for privilege escalation via a crafted file. It involves an executable running as a high-privileged Windows service that performs administrative tasks and collects data from other processes. The software uses Inter-Process Communication (IPC) primitives to enable different processes to cooperate, and it allows the loading of arbitrary plugins (C# assemblies) from a specific directory. A directory traversal vulnerability exists in the way plugins are resolved, as the name of the DLL is concatenated with the ".plugins" string.

Recommendations

For versions prior to 11.0.0.120, update to version 11.0.0.120 or later to resolve the issue. As a temporary workaround, consider restricting access to the "%PROGRAMFILES(X86)%/Aternity Information Systems/Assistant/plugins" directory to minimize the risk of exploitation. Avoid using the plugin loading functionality until the issue is resolved.
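
The plugin-resolution weakness described above, shown as a concatenating resolver beside a hardened one. This is an added example, not Riverbed's code: `PluginResolver`, the sample directory and the `.plugins.dll` suffix are hypothetical stand-ins for the agent's resolver.

```csharp
using System;
using System.IO;

// Added example, not Riverbed's code. PluginResolver, the sample directory and
// the ".plugins.dll" suffix are hypothetical stand-ins for the agent's resolver.
static class PluginResolver
{
    // Weak form: the caller-supplied name is concatenated straight into the path,
    // so separators or ".." segments in it decide which directory is used.
    public static string ResolveUnsafe(string pluginDir, string name) =>
        Path.Combine(pluginDir, name + ".plugins.dll");

    // Hardened form: accept a bare file name only, then confirm the canonical
    // path is still inside the plugin directory before anything loads it.
    public static string ResolveSafe(string pluginDir, string name)
    {
        if (string.IsNullOrWhiteSpace(name) ||
            name != Path.GetFileName(name) ||
            name.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0 ||
            name.Contains(".."))
            throw new ArgumentException("plugin name must be a bare file name", nameof(name));

        string root = Path.GetFullPath(pluginDir);
        if (!root.EndsWith(Path.DirectorySeparatorChar.ToString()))
            root += Path.DirectorySeparatorChar;

        string full = Path.GetFullPath(Path.Combine(root, name + ".plugins.dll"));
        if (!full.StartsWith(root, StringComparison.OrdinalIgnoreCase))
            throw new UnauthorizedAccessException("plugin path escapes the plugin directory");
        return full;
    }
}

static class Demo
{
    static void Main()
    {
        string dir = @"C:\ExampleAgent\plugins";               // constructed sample path
        string[] names = { "inventory", @"..\..\Temp\inventory", "sub/inventory" };
        foreach (string n in names)
        {
            try { Console.WriteLine($"{n} -> {PluginResolver.ResolveSafe(dir, n)}"); }
            catch (Exception e) { Console.WriteLine($"{n} -> rejected: {e.Message}"); }
        }
    }
}
```

The containment check complements the directory access restriction recommended above rather than replacing it, since a name that resolves inside the plugin directory is only as trustworthy as whoever can write files there.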

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2020-15592

Affected Products

Steelcentral Aternity Agent