CVE-2020-15838

CVE-2020-15838

EPSS 1.2%

The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent https://www.connectwise.com/company/trust/security-bulletins