Vulnerability Details CVE-2023-27470
BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.9%
CVSS Severity
CVSS v3 Score 7.0
References
Products affected by CVE-2023-27470
-
cpe:2.3:a:n-able:take_control:-
-
cpe:2.3:a:n-able:take_control:7.0.41.1141
-
cpe:2.3:o:microsoft:windows:-