PT-2022-17105 · Itarian · Itarian Endpoint Manage Communication Client

Name of the Vulnerable Software and Affected Versions: ITarian Endpoint Manage Communication Client versions prior to 6.43.41148.21120 Description: The issue is related to the ITarian Endpoint Manage Communication Client being compiled with insecure OpenSSL settings. This allows a malicious actor...

CVE-2022-25153

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...