CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37243
https://notcve.org/view.php?id=CVE-2023-37243
The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges. El archivo C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe se inicia automáticamente como SYSTEM cuando se reinicia el sistema. Dado que la carpeta C:\Windows\Temp\Agent.Package.Availability hereda permisos de C:\Windows\Temp y Agent.Package.Availability.exe es susceptible al DLL hijacking, los usuarios estándar pueden escribir una DLL maliciosa y elevar sus privilegios. • https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0010.md • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-26077
https://notcve.org/view.php?id=CVE-2023-26077
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions. • https://github.com/mandiant/Vulnerability-Disclosures https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0008.md https://www.atera.com • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-26078
https://notcve.org/view.php?id=CVE-2023-26078
Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs. • https://github.com/mandiant/Vulnerability-Disclosures https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0009.md https://www.atera.com •