1 results (0.001 seconds)
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 2
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 2CVE-2023-27470
https://notcve.org/view.php?id=CVE-2023-27470
11 Sep 2023 — BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion. BASupSrvcUpdater.exe en N-able Take Control Agent hasta 7.0.41.1141 anterior a 7.0.43 tiene una Condición de Ejecución TOCTOU a través de un pseudoenlace simbólico en %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, lo que lleva a la eliminación arbitraria de archivos. • https://github.com/3lp4tr0n/CVE-2023-27470_Exercise • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •