Design/Logic Flaw

2017-10-2618:29:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.3%

JSON

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.

CPENameOperatorVersion
remote_supporteq15.2.1
remote_supporteq15.2.2
remote_supporteq16.1.1
remote_supporteq16.1.2
remote_supporteq16.1.3
remote_supporteq16.1.4
remote_supporteq16.2.1
remote_supporteq16.2.2

Name	Operator	Version
remote_support	eq	15.2.1
remote_support	eq	15.2.2
remote_support	eq	16.1.1
remote_support	eq	16.1.2
remote_support	eq	16.1.3
remote_support	eq	16.1.4
remote_support	eq	16.2.1
remote_support	eq	16.2.2