Lucene search
K

4 matches found

Malwarebytes
Malwarebytes
added 2022/06/13 12:25 p.m.33 views

Serious vulnerabilities found in ITarian software, patches available for SaaS products

Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available to deal with these vulnerabilities for its SaaS platform. Software as a service SaaS is a software distribution model in which a cloud provider hosts...

9CVSS8.6AI score0.01656EPSS
Exploits0
OSV
OSV
added 2022/06/09 5:15 p.m.3 views

CVE-2022-25153

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...

7.8CVSS5.8AI score0.0034EPSS
Exploits0References2
CVE
CVE
added 2022/06/08 12:0 a.m.73 views

CVE-2022-25153

The CVE-2022-25153 entry concerns the ITarian Endpoint Manage Communication Client. Affected software prior to version 6.43.41148.21120 is compiled with insecure OpenSSL settings, enabling a low-privilege attacker to escalate to SYSTEM by abusing an insecure openssl.conf lookup. Patches exist: up...

7.8CVSS7.9AI score0.0034EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/08 12:0 a.m.23 views

CVE-2022-25153 ITarian - Local privilege escalation in Endpoint Manager agent on Windows

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...

7.8CVSS7.9AI score0.0034EPSS
Exploits0References2
Rows per page
Query Builder