Remote Code Execution in Zoho ManageEngine AssetExplorer Windows Agent
CVE-2020-8838

6.4 MEDIUM

Key Information:

Vendor

Zohocorp

CVE Published:
23 March 2020

What is CVE-2020-8838?

A vulnerability exists in Zoho ManageEngine AssetExplorer 6.5 that allows an attacker on an adjacent network to execute arbitrary code. This is possible during the upgrade of the Windows agent, due to a failure to validate the source and binary of the executable being downloaded. By exploiting this flaw, attackers can execute code with NT AUTHORITY\SYSTEM privileges, posing a significant risk to system integrity and security.

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
