AutomationManager Race Condition Vulnerability Could Lead to Arbitrary File Deletions
CVE-2023-37244
5.3 MEDIUM
Key Information:
- Vendor: N-able
- Status
- Automationmanageragent
- Vendor
- CVE Published: 2 May 2024
Summary
The AutomationManager.AgentService.exe application is vulnerable to a time-of-check-to-time-of-use (TOCTOU) race condition. This flaw allows standard users to create pseudo-symlinks in the Temp directory, located at C:\ProgramData\N-Able Technologies\AutomationManager\Temp. An attacker can exploit this vulnerability to manipulate the process, resulting in arbitrary file deletions. It is essential for organizations utilizing the affected software to upgrade to version 2.91.0.0 to mitigate this risk.
Affected Version(s)
AutomationManagerAgent Windows 0 <= 2.80.0.1
CVSS V3.1
Score: 5.3
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged