Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-36074

June 27, 2024, 9:15 p.m.

Product(s) Impacted

Netwrix CoSoSys Endpoint Protector

  • up to 5.9.3

CoSoSys Unify

  • up to 7.0.6

Description

Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to the Endpoint Protector or Unify server can cause a client to acquire and execute a malicious file resulting in remote code execution.

Weaknesses

Date

Published: June 27, 2024, 9:15 p.m.

Last Modified: June 27, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References