Beyondtrust: Security Vulnerabilities
Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-04-17
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-10-26
Page 4