Home / os / winme

RSA NetWitness Endpoint EDR Agent 12.x Incorrect Access Control / Code Execution

Posted on 25 March 2023

RSA NetWitness Endpoint EDR Agent version 12.x suffers from incorrect access controls that allow for code execution. It allows local users to stop the Endpoint Windows agent from sending the events to a SIEM or make the agent run user-supplied commands.

 

TOP