Filtered by vendor Atera
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37243 | 2 Atera, Microsoft | 2 Agent Package Availability, Windows | 2023-11-08 | 7.8 High |
| The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges. | ||||
| CVE-2023-26077 | 2 Atera, Microsoft | 2 Atera, Windows | 2023-08-01 | 7.8 High |
| Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions. | ||||
| CVE-2023-26078 | 2 Atera, Microsoft | 2 Atera, Windows | 2023-08-01 | 7.8 High |
| Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs. | ||||
Page 1 of 1.