274 matches found
CVE-2025-4660
A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without...
CVE-2025-3599
Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user...
CVE-2025-3599 Symantec Endpoint Protection Elevation of Privilege
Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user...
Broadcom Symantec Endpoint Protection Windows Agent 安全漏洞
Broadcom Symantec Endpoint Protection Windows Agent is a client component of an endpoint security solution from Broadcom, Inc. A security vulnerability exists in Broadcom Symantec Endpoint Protection Windows Agent versions prior to 119.1.7.8, which stems from an elevation of privilege vulnerabili...
Cortex XDR Agent: Local Windows User Can Disable the Agent
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activit...
SUSE CVE-2024-35177
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...
CVE-2024-20430
A vulnerability in Cisco Meraki Systems Manager SM Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges. This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this...
CVE-2024-0670
Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 EOL allows local user to escalate privileges...
CVE-2024-35177
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...
CVE-2024-35177 Improper Access Control in wazuh-agent
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...
PT-2025-2436 · Wazuh +1 · Wazuh +1
Name of the Vulnerable Software and Affected Versions: Wazuh versions prior to 4.9.0 Description: The issue is related to improper access control in the Wazuh agent for Windows, allowing a local malicious user to potentially exploit this vulnerability by placing a specially crafted DLL file in th...
PT-2025-5585 · Acronis · Acronis Cyber Protect Cloud Agent
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Windows versions prior to build 39378 Description: The issue is related to a local privilege escalation due to a DLL hijacking vulnerability. This vulnerability affects Acronis Cyber Protect Cloud Agent...
Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element
Overview Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent for Windows that contains a fix for an uncontrolled search path element vulnerability CWE-427, CVE-2024-55955. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the...
CVE-2024-38864
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...
CVE-2024-38864 User-Readable Private Key in Windows Agent
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...
CVE-2024-38864
CVE-2024-38864 concerns incorrect permissions on the Checkmk Windows Agent data directory, allowing a local attacker to read sensitive data. Affected are Checkmk Windows Agent implementations prior to 2.3.0p23, prior to 2.2.0p38, and earlier than or equal to 2.1.0p49 (EOL). The issue is local and...
CVE-2024-38864 User-Readable Private Key in Windows Agent
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...
CVE-2024-38864 User-Readable Private Key in Windows Agent
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk that stems from incorrect permissions on the Checkmk Windows Agent data directory, allowing a local attacker to read sensitive data...
PT-2024-28245 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p23 Checkmk versions prior to 2.2.0p38 Checkmk versions prior to or equal to 2.1.0p49 Description: The issue is related to incorrect permissions on the Checkmk Windows Agent's data directory, allowing a local...