CVE-2021-32933

Name of the Vulnerable Software and Affected Versions MDT AutoSave versions prior to v6.02.06

Description An issue exists where an attacker could leverage an API to pass a malicious file, manipulating the process creation command line and potentially running a command line argument. This could allow the attacker to run a malicious process.

Recommendations For versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue. As a temporary workaround, consider restricting access to the API endpoint used to pass the malicious file until a patch is applied.