AutomationManager Race Condition Vulnerability Could Lead to Arbitrary File Deletions
CVE-2023-37244

5.3MEDIUM

Key Information:

Vendor: N-able
Status: Automationmanageragent
Vendor: CVE Published:; 2 May 2024

What is CVE-2023-37244?

The AutomationManager.AgentService.exe application is vulnerable to a time-of-check-to-time-of-use (TOCTOU) race condition. This flaw allows standard users to create pseudo-symlinks in the Temp directory, located at C:\ProgramData\N-Able Technologies\AutomationManager\Temp. An attacker can exploit this vulnerability to manipulate the process, resulting in arbitrary file deletions. It is essential for organizations utilizing the affected software to upgrade to version 2.91.0.0 to mitigate this risk.

Affected Version(s)

AutomationManagerAgent Windows 0 <= 2.80.0.1

References

https://github.com/mandiant/Vulnerability-Disclosures/blo...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2024
Vulnerability Reserved
Jun 29, 2023

N-able

What is CVE-2023-37244?

Affected Version(s)

References

CVSS V3.1

Timeline