November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Cerberus – A new Banking Trojan being sold as Android Malware
August 13, 2019Rewterz Threat Alert – DocuSign Themed Phishing Using Cloud Storage
August 13, 2019Rewterz Threat Alert – Cerberus – A new Banking Trojan being sold as Android Malware
August 13, 2019Rewterz Threat Alert – DocuSign Themed Phishing Using Cloud Storage
August 13, 2019
Severity
Medium
Analysis Summary
ManageEngine Application Manager could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Execute Program Action feature of the Application Manager Plugin. By using a specially-crafted file, an attacker could exploit this vulnerability to gain elevated privileges to execute arbitrary commands on the system.
Impact
Privilege escalation
Affected Vendors
ManageEngine
Remediation
There is no update or patch available for the vulnerability as of yet.