CVE-2021-43326 and CVE-2021-43325 Local Privilege Escalation in Automox Agent (Windows Only)

  • 13 December 2021
  • 0 replies
  • 517 views

  • Anonymous
  • 0 replies

Hey folks, quick AXAgent update: 

Automox Security and third-party security researchers have discovered two high severity vulnerabilities in the Automox Agent: CVE-2021-43326 and CVE-2021-43325. These vulnerabilities impact Windows devices only. A non-administrative user can leverage these vulnerabilities to read and write content to the Automox execution directory, which can then execute commands with elevated privileges. 

CVE-2021-43325, The Automox Agent Version 33 incorrectly sets permissions on a temporary directory while running in Windows environments. CVE-2021-43325 has a CVSS score of 7.8 (High). Automox has fixed the directory permissions.

CVE-2021-43326, The Automox Agent prior to Version 32 incorrectly sets permissions on a temporary directory while running in Windows environments. CVE-2021-43326 has a CVSS score of 7.8 (High). Automox has fixed the directory permissions.

Starting on Thursday, November 12th we began a phased rollout of the Automox Agent 34 release for all Windows devices.

Responsible Disclosure

Automox takes the security of our product seriously and happily accepts vulnerability reports from independent researchers. If you believe you have found a vulnerability in our product you can report it to our responsible disclosure page here.

Credits for CVE-2021-43326


Greg Foss https://twitter.com/35foss

 

References

https://support.automox.com/help/automox-agent-update-policy

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43325

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43326

 

 


This topic has been closed for comments