An 'Escalation of Privilege' security vulnerability was found in SecureAge Security Suite software that allowed file creation, modification and deletion in Microsoft Windows privileged file path location.
-
Products
-
Solutions
-
Resources
-
Company
-
Technology
-
Partners
-
Products
-
Endpoint software
-
-
Solutions
-
By industry
-
By size
-
For compliance
-
-
Resources
-
Resource library
-
Support
-
-
Company
-
About us
-
Contact us
-
-
Technology
-
Our technology
-
Our research
-
-
Partners
-
Partners
-
[Resolved] Escalation of Privilege
Summary
Vulnerability Details
An Windows logged in user could exploit this vulnerability by creating specific symbolic links on the system, which can then lead to the creation, modification and deletion of files located in privileged file path locations when the SecureAge software was running.
Affected Products
SecureAge software versions 7.0.37, 7.1.10, 8.0.17, 8.1.17 and earlier.
Recommendations
SecureAge recommends that users update their exisiting SecureAge software to versions 7.0.38, 7.1.11, 8.0.18, 8.1.18 or later.
Acknowledgements
SecureAge would like to thank GovTech Cyber Security Group (CSG) and CSA Cyber Security Engineering Centre (CSEC) for discovering this issue.
SecureAge and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
SecureAge and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.