Ncp-E: >> Secure Enterprise Client >> 10.14 Security Vulnerabilities
Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport* location.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-25
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-12-09
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-12-09
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts.
CVSS Score
6.5
EPSS Score
0.0
Published
2023-12-09
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry information of the operating system by creating a symbolic link.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-12-09
NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant.
CVSS Score
7.8
EPSS Score
0.002
Published
2020-07-28