Intercom MaLion for Windows and Mac Hard-Coded Encryption Key Vulnerability

Intercom MaLion for Windows and MaLion for Mac are both products of Intercom Japan. Intercom MaLion for Windows is an IT asset management solution based on the Windows platform. maLion for Mac is a version based on the Mac platform. A security vulnerability exists in Intercom MaLion versions 3.2....

Authentication flaw

MaLion for Windows 5.2.1 and earlier only when "Remote Control" is installed and MaLion for Mac 4.0.1 to 5.2.1 only when "Remote Control" is installed allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent...

CVE-2017-10815

MaLion for Windows 5.2.1 and earlier only when "Remote Control" is installed and MaLion for Mac 4.0.1 to 5.2.1 only when "Remote Control" is installed allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent...

CVE-2017-10815

MaLion for Windows 5.2.1 and earlier only when "Remote Control" is installed and MaLion for Mac 4.0.1 to 5.2.1 only when "Remote Control" is installed allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent...

CVE-2017-10818

MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service...

Hardcoded credentials

MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service...

CVE-2017-10818

MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service...

CVE-2017-10818

CVE-2017-10818 affects Intercom MaLion for Windows and Mac (versions 3.2.1–5.2.1). The vulnerability stems from a hard-coded cryptographic key, which may allow an attacker to alter the Terminal Agent’s connection settings and spoof the Relay Service. The NVD entry documents a high/critical risk p...

CVE-2017-10815

MaLion for Windows 5.2.1 and earlier only when "Remote Control" is installed and MaLion for Mac 4.0.1 to 5.2.1 only when "Remote Control" is installed allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent...

CVE-2017-10815

MaLion for Windows 5.2.1 and earlier (only when “Remote Control” is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when “Remote Control” is installed) have an authentication-bypass vulnerability that allows remote attackers to execute arbitrary commands on the Terminal Agent. The connected CN...