Atera Agent Package Availability up to 0.14.0.0 on Windows Agent.Package.Availability.exe temp file
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.7 | $0-$5k | 0.00 |
Summary
A vulnerability marked as critical has been reported in Atera Agent Package Availability up to 0.14.0.0 on Windows. This affects an unknown function of the file C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe. This manipulation causes temp file. This vulnerability is tracked as CVE-2023-37243. The attack is restricted to local execution. No exploit exists. It is suggested to upgrade the affected component.
Details
A vulnerability was found in Atera Agent Package Availability up to 0.14.0.0 on Windows. It has been declared as critical. Affected by this vulnerability is an unknown code of the file C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe. The manipulation with an unknown input leads to a temp file vulnerability. The CWE definition for the vulnerability is CWE-379. The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.
The weakness was disclosed 10/31/2023 by Andrew Oliveau as MNDT-2023-0010. It is possible to read the advisory at github.com. This vulnerability is known as CVE-2023-37243 since 06/29/2023. Technical details of the vulnerability are known, but there is no available exploit.
Upgrading to version 0.15.0.0 eliminates this vulnerability.
Be aware that VulDB is the high quality source for vulnerability data.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.8VulDB Meta Temp Score: 7.7
VulDB Base Score: 7.8
VulDB Temp Score: 7.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.8
NVD Vector: 🔍
CNA Base Score: 7.8
CNA Vector (Google Inc.): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Temp fileCWE: CWE-379 / CWE-377
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Agent Package Availability 0.15.0.0
Timeline
06/29/2023 🔍10/31/2023 🔍
10/31/2023 🔍
09/05/2024 🔍
Sources
Advisory: MNDT-2023-0010Researcher: Andrew Oliveau
Status: Confirmed
CVE: CVE-2023-37243 (🔍)
GCVE (CVE): GCVE-0-2023-37243
GCVE (VulDB): GCVE-100-244087
Entry
Created: 10/31/2023 16:00Updated: 09/05/2024 22:34
Changes: 10/31/2023 16:00 (52), 11/24/2023 16:25 (1), 09/05/2024 22:34 (25)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.