CVE-2020-25094

Name of the Vulnerable Software and Affected Versions LogRhythm Platform Manager version 7.4.9

Description The issue allows for Command Injection, where an attacker can inject arbitrary program names and arguments into a WebSocket. These commands are then forwarded to any remote server with a LogRhythm Smart Response agent installed, running with LocalSystem privileges by default.

Recommendations For LogRhythm Platform Manager version 7.4.9, consider disabling the WebSocket functionality until a patch is available to prevent command injection attacks. Restrict access to the LogRhythm Smart Response agent to minimize the risk of exploitation. Avoid using the vulnerable version of the LogRhythm Platform Manager until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.