all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

Add to bookmarks
July 24, 2023, 1:01 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks.
The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and

act atera attacks critical cve escalation february flaws management mandiant monitoring privilege privilege escalation remote monitoring remote monitoring and management software springboard vulnerabilities windows zero-day zero-days zero-day vulnerabilities

Visit resource

More from thehackernews.com / The Hacker News

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation 14 hours ago | thehackernews.com
attack bypass cve cve-2024 +25
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign 16 hours ago | thehackernews.com
actor apt28 called campaign +23
New Guide: How to Scale Your vCISO Services Profitably 20 hours ago | thehackernews.com
access business can ciso +18
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery 20 hours ago | thehackernews.com
authentication authentication bypass botnet bypass +27
Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover 1 day, 1 hour ago | thehackernews.com
accounts actor administrator attackers +18
A SaaS Security Challenge: Getting Permissions All in One Place 1 day, 17 hours ago | thehackernews.com
access all in apps base +16
New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data 1 day, 17 hours ago | thehackernews.com
academics advanced advanced encryption aes +30
The Fundamentals of Cloud Security Stress Testing 1 day, 21 hours ago | thehackernews.com
assets attackers cloud cloud security +17
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version 1 day, 21 hours ago | thehackernews.com
aim analysis anti-analysis bypass +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Expert Global Security Solutions Specialist

@ CHS Inc. | Inver Grove Heights, MN, US, 55077-1721
View on infosec-jobs.com

Security Operations Senior Associate - Perimeter Response

@ JPMorgan Chase & Co. | Houston, TX, United States
View on infosec-jobs.com

Cybersecurity Engineer IV

@ ManTech | 203O - CustomerSite,Washington,DC
View on infosec-jobs.com

Senior Site Reliability Engineer - Security

@ Klaviyo | Boston, MA
View on infosec-jobs.com

Information Security Specialist (Cloud Security)

@ Vertiv | Philippines
View on infosec-jobs.com

Business Value Consultant

@ Sumo Logic | United States
View on infosec-jobs.com
View more jobs