CVE-2024-36075

The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify the archive on the server could obtain remote code execution as an administrator on an endpoint.
Configurations

No configuration.

History

21 Nov 2024, 09:21

Type Values Removed Values Added
References () https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html - () https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html -

09 Jul 2024, 20:15

Type Values Removed Values Added
Summary (en) Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the application configuration component of the Endpoint Protector and Unify agent which allows a remote, unauthenticated attacker to manipulate the configuration of either their own or another client endpoint resulting in the bypass of certain configuration options. Manipulation of the application configuration can result in local policy bypass and in some scenarios remote code execution. (en) The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify the archive on the server could obtain remote code execution as an administrator on an endpoint.

03 Jul 2024, 02:02

Type Values Removed Values Added
Summary
  • (es) Netwrix CoSoSys Endpoint Protector hasta 5.9.3 y CoSoSys Unify hasta 7.0.6 contienen una vulnerabilidad de ejecución remota de código en el componente de configuración de la aplicación de Endpoint Protector y el agente Unify que permite a un atacante remoto no autenticado manipular la configuración propia o de otro endpoint del cliente, lo que da como resultado la omisión de ciertas opciones de configuración. La manipulación de la configuración de la aplicación puede dar como resultado la omisión de la política local y, en algunos escenarios, la ejecución remota de código.
CWE CWE-94
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

27 Jun 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-27 21:15

Updated : 2024-11-21 09:21


NVD link : CVE-2024-36075

Mitre link : CVE-2024-36075

CVE.ORG link : CVE-2024-36075


JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')