PT-2024-33022 · Mobaxterm · Mobaxterm

Ahmed Sherif · Published 2024-10-31 · Updated 2024-11-01 · CVE-2024-48200

CVSS v3.1: 8.4 High

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

MobaXterm version 24.2

Description

An issue in MobaXterm allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI, which spawns an Administrative cmd (conhost.exe). This enables the attacker to run any code they want.

Recommendations

For MobaXterm version 24.2, as a temporary workaround, consider disabling the remove function of the MobaXterm MSI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2024-48200

Affected Products

Mobaxterm