Vulnerabilities

CVE-2022-25153

by Fred · 08/06/2022

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup.

Date published : 2022-06-08

https://csirt.divd.nl/CVE-2022-25153

https://csirt.divd.nl/cases/DIVD-2021-00037

Similar

Tags: Cybersecurity Alert