27 matches found
EUVD-2022-29896
Malicious code in bioql PyPI...
EUVD-2022-29895
Malicious code in bioql PyPI...
A week in security (June 13 – June 19)
Last week on Malwarebytes Labs: Serious vulnerabilities found in ITarian software, patches available for SaaS products Update Chrome now: Four high risk vulnerabilities found Taking down the IP2Scam tech support campaign Don’t panic! “Unpatchable” Mac vulnerability discovered Introducing...
Serious vulnerabilities found in ITarian software, patches available for SaaS products
Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available to deal with these vulnerabilities for its SaaS platform. Software as a service SaaS is a software distribution model in which a cloud provider hosts...
CVE-2022-25152
The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...
CVE-2022-25153
The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...
CVE-2022-25153
The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...
CVE-2022-25151
Within the Service Desk module of the ITarian platform SAAS and on-premise, a remote attacker can obtain sensitive information, caused by the failure to set the HTTP Only flag. A remote attacker could exploit this vulnerability to gain access to the management interface by using this vulnerabilit...
CVE-2022-25152
The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...
Design/Logic Flaw
The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...
Design/Logic Flaw
The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...
Cross site scripting
Within the Service Desk module of the ITarian platform SAAS and on-premise, a remote attacker can obtain sensitive information, caused by the failure to set the HTTP Only flag. A remote attacker could exploit this vulnerability to gain access to the management interface by using this vulnerabilit...
ITarian 安全漏洞
ITarian is a remote access and IT management solution from ITarian, Inc. It helps organizations connect and communicate with their customers and employees, facilitating remote file access, system monitoring, troubleshooting and operations management across teams. ITarian has a security...
ITarian 安全漏洞
ITarian is a remote access and IT management solution from ITarian, Inc. It helps organizations connect and communicate with their customers and employees, facilitating remote file access, system monitoring, troubleshooting and operations management across teams. A security vulnerability exists i...
ITarian Saas platform 安全漏洞
ITarian is a remote access and IT management solution from ITarian, Inc. that helps organizations connect and communicate with their customers and employees, facilitating remote file access, system monitoring, troubleshooting and operations management across teams. A security vulnerability exists...
CVE-2022-25151 ITarian - Session cookie not protected by HttpOnly flag
Within the Service Desk module of the ITarian platform SAAS and on-premise, a remote attacker can obtain sensitive information, caused by the failure to set the HTTP Only flag. A remote attacker could exploit this vulnerability to gain access to the management interface by using this vulnerabilit...
CVE-2022-25152
The CVE-2022-25152 entry concerns ITarian’s platform (SaaS and on-premise) where a flaw in the agent-Run code workflow (procedures) allows bypassing the mandatory approval process. Versions before 6.35.37347.20040 are affected; a user with a valid session token can create a procedure, bypass appr...
CVE-2022-25152 ITarian - Any user with a valid session token can create and execute agent procedures and bypass mandatory approvals
The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...
CVE-2022-25153 ITarian - Local privilege escalation in Endpoint Manager agent on Windows
The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...
CVE-2022-25152 ITarian - Any user with a valid session token can create and execute agent procedures and bypass mandatory approvals
The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...