CVE-2023-37244
Privilege escalation in N-Able's AutomationManagerAgent
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The affected AutomationManager.AgentService.exe application contains a TOCTOU race condition vulnerability that allows standard users to create a pseudo-symlink at C:\ProgramData\N-Able Technologies\AutomationManager\Temp, which could be leveraged by an attacker to manipulate the process into performing arbitrary file deletions. We recommend upgrading to version 2.91.0.0
La aplicación AutomationManager.AgentService.exe afectada contiene una vulnerabilidad de condición de ejecución TOCTOU que permite a los usuarios estándar crear un pseudoenlace simbólico en C:\ProgramData\N-Able Technologies\AutomationManager\Temp, que un atacante podría aprovechar para manipular el proceso. realizar eliminaciones arbitrarias de archivos. Recomendamos actualizar a la versión 2.91.0.0
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2023-06-29 CVE Reserved
- 2024-05-02 CVE Published
- 2024-05-03 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
- CAPEC-233: Privilege Escalation
References (1)
URL | Tag | Source |
---|---|---|
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0016.md |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
N-Able Search vendor "N-Able" | AutomationManagerAgent Search vendor "N-Able" for product "AutomationManagerAgent" | <= 2.80.0.1 Search vendor "N-Able" for product "AutomationManagerAgent" and version " <= 2.80.0.1" | en |
Affected
|