Severity: Critical
CVE ID: CVE-2024-9479
Details
This advisory address a vulnerability in the agent audit process where agent do not audit sub process against allowed applications. Vulnerability reported and patched in the following upKeeper products
Applicability
This advisory is applicable only when
Product Name | Impacted Version(s) | Fixed Version(s) | Released On |
upKeeper Instant Privilege Access | 1.1 and below | 1.2 | 2024-10-30 |
Impact
This vulnerability allows an unallowed subprocess of an application to run in elevated mode.
Fix
This issue can be fixed by updating upKeeper Instant Privilege Access Client to the latest version.
Acknowledgements
Internal
Please contact our security team (secure@upkeeper.se) for security related questions and product support (help@upkeeper.se) for questions about our products or services.
Comments
0 comments
Please sign in to leave a comment.