AutomationManager Race Condition Vulnerability Could Lead to Arbitrary File Deletions
CVE-2023-37244

7 HIGH

Key Information:

Vendor:
N-able
CVE Published:
2 May 2024

What is CVE-2023-37244?

The AutomationManager.AgentService.exe application is vulnerable to a time-of-check-to-time-of-use (TOCTOU) race condition. The flaw allows standard users to create pseudo-symlinks in the Temp directory at C:\ProgramData\N-Able Technologies\AutomationManager\Temp. An attacker can exploit this to manipulate the process, resulting in arbitrary file deletions. Organizations using the affected software should upgrade to version 2.91.0.0 to mitigate this risk.

Affected Version(s)

AutomationManagerAgent (Windows): 0 <= 2.80.0.1

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
