An insufficient configuration of the service allows an extension of the rights on the system level.
Vulnerability in Sophos Suite
Twitter
LinkedIn
Facebook
CVE
Vulnerability type
Privilege Escalation
Pentester
Florian Hansemann
Publication
01.08.2022
Software version
HitmanPro Alert Agent (Sophos Suite) before 3.8.1.504
Timeline
– 19.06.2021 Vendor informs
– 21.06.2021 Vendor confirms the vulnerability and informs HanseSecure that the vulnerability will be patched in the next version.
– 01.08.2021 Disclosure
