logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2020-8838

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2020-8838

Description:
An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows agent, it does not validate the source and binary downloaded. This allows an attacker on an adjacent network to execute code with NT AUTHORITY/SYSTEM privileges on the agent machines by providing an arbitrary executable via a man-in-the-middle attack.
Last updated date:
10/07/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2022
Reference url to background

http://packetstormsecurity.com/files/157612/ManageEngine-Asset-Explorer-Windows-Agent-Remote-Code-Execution.html

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy