Vulnerabilities

To help protect fellow Ottomators in the Automox Community, we're all on neighborhood watch. Please share any new vulnerabilities or fixes you find!

  • 73 Topics
  • 56 Replies

73 Topics

F
Funsho SalawuRookie
asked in Vulnerabilities

What is the Link between Automox and Copycat?

Hi All,We had a strange pop-up on devices during/after a recent deployment using Automox. The message came from an application or executable called CopyCat (followed by a image of a white cat holding silver keys).For our piece of mind, can anyone confirm if this is a standard component of Automox, or do I need to be worried?Advise would be appreciated.

3
JasonK-Automox
1 month ago
J
jhoyleRookie
asked in Vulnerabilities

Dashboard not refreshing or not synching

The dashboard was working great however over the last couple of days it is showing that I have more patches to apply than I really need. For example it shows I have 23 new patches that are critical but when I click on the 23 then go to open up devices needing any of these patches the lists are empty. It’s been this way for a couple of days now. Is there something that updates the dashboard that is separate from the device scans? With the devices showing they do not need this patch but the dashboard showing the 23 critical updates for different devices something is obviously not in synch. Thanks

5
jack.smith
2 months ago
S
SophiaAXCommunity Manager
published in Vulnerabilities

Protect Your Systems: Critical Vulnerability in Upstream xz/liblzma Package

It wouldn’t be a highly anticipated long weekend without a vulnerability popping up to kick it off! 🙃A significant potential exploit, CVE-2024-3094 with a CVSS score of 10.0, has been uncovered in the upstream xz/liblzma package, raising serious concerns about the security of SSH servers. Read on for remediation tips and the latest information.We’ve dropped info on who is affected, what remediation steps you can take now, and where to find more information in this blog post. Have questions or updates that we haven’t caught yet? Let us know.Stay vigilant and secure - and don’t let this ruin your weekend! 

280
S
3 months ago
S
SophiaAXCommunity Manager
asked in Vulnerabilities

FINAL ROUND: Log4Shell vs Chrome Zero Day | March Vulnerabilities Mayhem

We have reached the final round of March Mayhem where your votes decide which vulnerability is the most infamous! 🎉 Check out the full bracket… Cast your final vote!!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Vulnerabilities Mayhem: Chrome Zero Day vs Spectre

Cast your vote for this March Mayhem matchup! 👇You already know Automox has your back when it comes to staying safe from these critical vulnerabilities and keep your apps up to date! 

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Vulnerabilities Mayhem: Confluence Code Injection vs Log4Shell

Cast your vote for this March Mayhem matchup! 👇You already know Automox has your back when it comes to staying safe from these critical vulnerabilities! 

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 3: My Guess is Log4Shell Takes it All

We have made it to the last two rounds of March Mayhem where we pit the most infamous vulnerabilities against each other! Make sure to cast your votes before this Thursday! My prediction is that Log4Shell takes the cake! Confluence Code Injection vs Log4ShellChrome Zero Day vs SpectrePlus, if you start a free 15-day trial and add an endpoint in March, not only will you learn how to reclaim hours in your workday (in just 15 minutes), but you’ll also qualify to win grand prizes! More details here!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 2: Spectre vs BlueKeep

Cast your vote for this matchup of March Mayhem! 👇P.S. Automox provides a script to disable remote desktop protocol and mitigate the BlueKeep vulnerability

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 2: Chrome Zero Day vs Zerologon

Cast your vote for this matchup of March Mayhem! 👇Automox has your back when it comes to mitigation and remediation by keeping all of your software patched and up to date! 

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 2: Eternal Blue vs Log4Shell

Cast your vote for this matchup of March Mayhem! 👇Did you know that Automox helps you deep scan and fix the critical Log4Shell vulnerability with easy to use automation scripts?!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 2: Leaky Vessels vs Confluence Code Injection

Cast your vote for this matchup of March Mayhem! 👇Heads up, Automox can help you stay safe from BOTH of these vulnerabilities by keeping your apps up to date!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Vulnerabilities Mayhem Round 2!

Last week, we completed round 1 of the March Vulnerabilities Mayhem bracket! Here is how we’re looking one step closer to finding the most infamous vulnerability…Keep an eye out today for the next round of matchups so you can VOTE here and.or on LinkedIn! Plus, if you start a free 15-day trial and add an endpoint in March, not only will you learn how to reclaim hours in your workday (in just 15 minutes), but you’ll also qualify to win grand prizes! More details here!VOTE HERE:Spectre vs BlueKeep Chrome Zero Day vs Zerologon Eternal Blue vs Log4Shell Leaky Vessels vs Confluence Code Injection

0
S
4 months ago
S
Stuart LairdRookie
asked in Vulnerabilities

Patching already running software

Does the autogenerated worklet for Patch Only use the MSIRESTARTMANAGERCONTROL=”Disable” flag for attempting to patch running software or can we have an option to enable that? Given modern compliance requires patching Critical in 2 days rolling the dice on a first checkin Patch policy to try to beat autostart software is not viable.  Using Worklets is also not viable as they would require manual updating when a new patch became available. What are people doing, or what is considered best practise for things like Teams Machine-Wide, WebEx and Zoom.  We use WebEx for our phones and Zoom and Teams and whatever other client meeting software is required.

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 1: BlueKeep vs Shellshock

Welcome to Round 1 of March Mayhem, where the most infamous vulnerabilities face off! Next up we have… BlueKeep - CVE-2019-0708 Shellshock - CVE-2014-6271  🚀 P.S. Use this Automox Worklet to disable remote desktop protocol and mitigate the BlueKeep vulnerability! Cast your vote now!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 1: Meltdown vs Spectre

Welcome to Round 1 of March Mayhem, where the most infamous vulnerabilities face off! Next up we have… Meltdown - CVE-2017-5754 Spectre - CVE-2017-5753 (Spectre-V1), CVE-2017-5715 (Spectre-V20) Cast your vote now!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 1: Zerologon vs Heartbleed

Welcome to Round 1 of March Mayhem, where the most infamous vulnerabilities face off! Next up we have…Zerologon - CVE-2020-1472 Heartbleed - CVE-2014-0160💥 P.S. Automox can help you apply critical security updates to stay safe from the Zerologon vulnerability!Cast your vote now!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 1: Chrome Zero Day vs Apache Struts

Welcome to Round 1 of March Mayhem, where the most infamous vulnerabilities face off! Next up we have…Chrome Zero Day - CVE-2022-0609 Apache Struts  - CVE-2023-50164💥 P.S. Automox helps keep your Google Chrome software patched and up to date! Cast your vote now!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 1: Log4Shell vs Spring4Shell

Welcome to Round 1 of March Mayhem, where the most infamous vulnerabilities face off! Next up we have…Log4Shell - CVE-2021-44228 Spring4Shell - CVE-2022-22965💥 P.S. Automox helps you deep scan and fix the critical Log4Shell vulnerability with Worklets! Cast your vote now!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 1: Follina vs Eternal Blue

Welcome to Round 1 of March Mayhem, where the most infamous vulnerabilities face off! Next up we have…Follina - CVE-2022-30190 Eternal Blue - MS17-010P.S. Automox provides a Follina Zero Day workaround!Cast your vote now!

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Mayhem Round 1: Confluence Code Injection vs Nimda

Welcome to Round 1 of March Mayhem, where the most infamous vulnerabilities face off! Next up we have…Atlassian Confluence Code Injection - CVE-2022-26134 Nimda - MS01-023💥 P.S. Automox can help you keep Atlassian apps updated to avoid that Confluence code injection vulnerability AND standardize Windows Firewall configuration!Cast your vote now! 

0
S
4 months ago
S
SophiaAXCommunity Manager
posted in Vulnerabilities

March Vulnerabilities Mayhem: Your Votes Decide Which Vulnerability is the Most Infamous

We’re celebrating March Mayhem all month long by pitting the most notorious vulnerabilities against each other! Which one was the most infamous? Your votes decide it! Round 1 starts TODAY and new rounds start every Monday this month. You can vote on LinkedIn or in the Automox Community. Want to vote on all three platforms? We won’t tell. We’ll tally up the votes and update the bracket at the end of every week. Along the way, we’ll share extra information about which Automox fixes can keep you safe from those dangerous vulnerabilities. Check out the starting bracket and vote in our first matchup! Round 1 is ready! Let’s go! 👇 P.S. Automox can help you fix the Leaky Vessels vulnerability by keeping Docker, Docker-CE, and Buildx up to date! 👇

0
S
4 months ago
A
AakashRookie
asked in Vulnerabilities

How to patch the unmatched vulnerabilities in automox

Hello Everyone, I want to know that how we can patch the vulnerabilities which is unmatched in the automox, I import the tenable result csv in automox and automox is able to find only 1 patchable vulnerabilities and there is almost 67 unmatched vulnerabilities, so how can we patch that.

3
MarkH-Automox
5 months ago
A
AakashRookie
asked in Vulnerabilities

Patch Execution through api give 404 error

Actually I export the csv from tenable and import to the automox via api and the csv is uploaded successfully, but when I try to patch the vulnerabilities it give 404 not found error{  "actions": [    {      "action": "patch-with-worklet",      "solutionId": 5169549,        "devices": [        2859677      ],      "workletId": 157    }  ]} this is the body part which I added to patch the vulnerability and I also check that the device id, solution id and worklet id all are correct, then why it give me error as 404 not found So how can I resolve this issue  I use this url endpoint "https://console.automox.com/api/orgs/105757/action-sets/105072/actions"for executing the patch."https://console.automox.com/api/worklet-catalog?page=0&limit=500" and use this url to get the worklet id."https://console.automox.com/api/orgs/105757/remediations/action-sets/107894/solutions?page=2" and use this to get device id and solution id.Please let me know if there is wrong in something this or there is

1
S
5 months ago
R
rav001Rookie
asked in Vulnerabilities

Update Available Status

When does the “update available” status go away? I have rejected it from this device that is assigned to a manual approval policy. Do I have to ignore it at a device level? Even if it says update available, that doesn't mean it will install, correct? What does the status change to if the update is approved for install and the device is pending install? SQL Update has been ignored at policy level 

0
R
5 months ago
S
smaamaRookie
asked in Vulnerabilities

Computer showing up on the dashboard as Unknown

All the computers on our internal network with automox agent installed are showing in dashboard but with no data and reporting as “Unknown”. Not sure if it firewall but I’m assuming it is not because they show up on the dashboard. I also manually disabled the firewall. Ican reach all the automox site from the affected computers. Below is the log. Any assistance would be appreciated.==============================================================================2024/02/06 20:15:50 loop_windows.go:16: Using powershell located at C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe2024/02/06 20:15:52 loop_windows.go:16: Using powershell located at C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe2024/02/06 20:15:52 loop.go:101: HTTP Client Starting2024/02/06 20:15:52 mqclient.go:164: loaded 1 mqurls2024/02/06 20:15:54 settings.go:219: Cipher too short, value likely not encrypted2024/02/06 20:15:55 settings.go:219: Cipher too short, value likely not encrypted2024/02/06 20:15:55

0
S
5 months ago
Terms & ConditionsCookie settings