Security Advisory

CVE-2022-25153

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-08 00:00:00

Last updated 2025-03-11 13:39:17

Assigner DIVD

State PUBLISHED

Description

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup.

← Browse all CVEs View on cve.org ↗