Vulnerabilities (CVE)

Filtered by vendor Atera Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26077 2 Atera, Microsoft 2 Atera, Windows 2024-10-24 N/A 7.8 HIGH
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions.
CVE-2023-37243 2 Atera, Microsoft 2 Agent Package Availability, Windows 2024-09-05 N/A 7.8 HIGH
The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.
CVE-2023-26078 2 Atera, Microsoft 2 Atera, Windows 2024-02-05 N/A 7.8 HIGH
Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs.