CVE-2024-36072

Name of the Vulnerable Software and Affected Versions Netwrix CoSoSys Endpoint Protector versions 5.9.3 and earlier CoSoSys Unify versions 7.0.6 and earlier

Description The issue concerns a remote code execution vulnerability in the logging component of the server application. This vulnerability allows an unauthenticated remote attacker to send a malicious request, resulting in the ability to execute system commands with root privileges.

Recommendations For Netwrix CoSoSys Endpoint Protector versions 5.9.3 and earlier, update to a version later than 5.9.3 to resolve the issue. For CoSoSys Unify versions 7.0.6 and earlier, update to a version later than 7.0.6 to resolve the issue. As a temporary workaround, consider restricting access to the logging component of the Endpoint Protector and Unify server application to minimize the risk of exploitation.