Automox: >> Automox Security Vulnerabilities
The Automox Agent before 40 on Windows incorrectly sets permissions on key files.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-10-21
Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process.
CVSS Score
7.0
EPSS Score
0.001
Published
2022-07-01
Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-04-13
Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this issue exists because of a CVE-2021-43326 regression.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-12-15
Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory.
CVSS Score
7.8
EPSS Score
0.015
Published
2021-12-15
Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-04-23
Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent.
CVSS Score
3.7
EPSS Score
0.002
Published
2021-04-23