CVE-2020-15838

CVE-2020-15838

EPSS 1.2%

The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://dbeta.com/2020/10/05/PrivilegeEscalationInAutomateAgent https://www.connectwise.com/company/trust/security-bulletins