366 matches found
CVE-2020-8884
The CVE-2020-8884 issue affects the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) prior to version 7.9. The root cause is improper deserialization over named pipes in rcdsvc, which enables remote authenticated users to execute arbitrary code with SYSTEM pri...
CVE-2020-8884
rcdsvc in the Proofpoint Insider Threat Management Windows Agent formerly ObserveIT Windows Agent before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes...
CVE-2020-10658
The CVE-2020-10658 issue affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to 7.9.1. The WriteImage API vulnerability arises from improper deserialization, allowing an unauthenticated remote attacker to execute arbitrary code with local administrator privileges...
CVE-2020-10658
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is...
CVE-2020-10657
Summary (CVE-2020-10657): Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to version 7.9.1 contains a vulnerability in the ITM web console’s ImportAlertRules feature. The issue is caused by improper deserialization, allowing an authenticated remote attacker with admi...
CVE-2020-10657
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker with admin or config-admin privileges in the console to execute arbitrary code with local...
CVE-2020-10656
The CVE-2020-10656 entry concerns the Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to version 7.9.1. A vulnerability exists in the ITM application server’s WriteWindowMouseWithChunksV2 API caused by improper deserialization, enabling an anonymous remote attacker t...
CVE-2020-10656
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. Th...
CVE-2020-10655
CVE-2020-10655 affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1. The ITM app server's WriteWindowMouse API suffers from improper deserialization, allowing an anonymous remote attacker to execute arbitrary code with local administrator privileges. Root c...
CVE-2020-10655
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The...
Proofpoint Insider Threat Management Windows Agent 代码问题漏洞
Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. for preventing malicious operations by enterprise insiders. A remote code execution vulnerability exists in the WriteWindowMouseWithChunksV2 API in Proofpoint Insider Threat Management Server versions...
Proofpoint Insider Threat Management Windows Agent 代码问题漏洞
Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. for preventing malicious operations by enterprise insiders. A remote code execution vulnerability exists in the WriteWindowMouse API in Proofpoint Insider Threat Management Server versions prior to 7.9....
Proofpoint Insider Threat Management Windows Agent 代码问题漏洞
Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. for preventing malicious operations by enterprise insiders. A remote code execution vulnerability exists in the ImportAlertRules feature of the ITM Web Console in Proofpoint Insider Threat Management...
Proofpoint Insider Threat Management Windows Agent 代码问题漏洞
Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. for preventing malicious operations by enterprise insiders. A remote code execution vulnerability exists in the WriteImage API of Proofpoint Insider Threat Management Server versions prior to 7.9.1. The...
Proofpoint Insider Threat Management Windows Agent Code Issue Vulnerability
Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. that is used to prevent malicious operations by enterprise insiders. A security vulnerability exists in Proofpoint Insider Threat Management Windows Agent before 7.9 that allows a remotely authenticated...
MFA Bypass Bugs Opened Microsoft 365 to Attack
Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint. The flaws exist in the implementation o...
Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool
The APT known as TA410 has added a modular remote-access trojan RAT to its espionage arsenal, deployed against Windows targets in the United States’ utilities sector. According to researchers at Proofpoint, the RAT, called FlowCloud, can access installed applications and control the keyboard,...
Proofpoint Email Protection Input Validation Error Vulnerability
Proofpoint Email Protection is a suite of email protection solutions from US-based Proofpoint. The product supports features such as malware and email fraud detection. A security vulnerability exists in Proofpoint Email Protection 2019-09-08 and prior versions. Detailed vulnerability details are...
CVE-2019-20634
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails tha...
CVE-2019-20634
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails tha...