Summary

An 'Escalation of Privilege' security vulnerability was found in SecureAge Security Suite software that allowed file creation, modification and deletion in Microsoft Windows privileged file path location.

Vulnerability Details

An Windows logged in user could exploit this vulnerability by creating specific symbolic links on the system, which can then lead to the creation, modification and deletion of files located in privileged file path locations when the SecureAge software was running.

Affected Products

SecureAge software versions 7.0.37, 7.1.10, 8.0.17, 8.1.17 and earlier.

Recommendations

SecureAge recommends that users update their exisiting SecureAge software to versions 7.0.38, 7.1.11, 8.0.18, 8.1.18 or later.

Acknowledgements

SecureAge would like to thank GovTech Cyber Security Group (CSG) and CSA Cyber Security Engineering Centre (CSEC) for discovering this issue.

SecureAge and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Our website uses cookies to ensure you get the best experience and can find what you need. Read our cookie policy