CVE-2024-1618

Name of the Vulnerable Software and Affected Versions Faronics Deep Freeze Server Standard versions 8.30.020.4627 and earlier

Description A search path or unquoted item vulnerability affects the DFServ.exe file, allowing an attacker with local user privileges to replace the legitimate DFServ.exe service executable with a malicious file of the same name. This enables the attacker to execute arbitrary code, gain unauthorized access to the compromised system, or stop the service from running when it starts.

Recommendations For versions 8.30.020.4627 and earlier, consider disabling the DFServ.exe service until a patch is available to prevent exploitation. Restrict access to the directory containing the DFServ.exe file to minimize the risk of replacing the legitimate executable with a malicious one. At the moment, there is no information about a newer version that contains a fix for this vulnerability.