Eracent: >> Epa Agent Security Vulnerabilities
An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-22
An issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-22