Untrusted Search Path Vulnerability in Avecto Defendpoint

Untrusted Search Path Vulnerability in Avecto Defendpoint

CVE-2018-10959 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch.

Learn more about our Web Application Penetration Testing UK.