Zero-Day Vulnerabilities in Atera Software Windows Installers: Flaws Discovered and Remediation

Zero-Day Vulnerabilities in Atera Software Windows Installers: Flaws Discovered and Remediation

Zero-Day Vulnerabilities in Atera Software Compromised

Vulnerabilities in Windows Installers of Atera Software

Zero-day vulnerabilities have been discovered in the Windows Installers for the Atera remote monitoring and management software. These vulnerabilities could potentially be exploited to launch privilege escalation attacks.

Flaws Discovered by Mandiant

The vulnerabilities were discovered by Mandiant on February 28, 2023. This security firm is known for its expertise in investigating and responding to cybersecurity breaches.

Identifiers and Remediation

The vulnerabilities have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078. Atera has addressed these issues in versions 1.8.3.7 and 1.8.4.9 of their software, which were released on April 17, 2023.

Zero-day vulnerabilities discovered in the Windows Installers of the Atera remote monitoring and management software have the potential to be exploited for privilege escalation attacks. The vulnerabilities were found by Mandiant and have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078. Atera has released versions 1.8.3.7 and 1.8.4.9 as a fix for these vulnerabilities.

Original Article: https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html


0

Your Cart Is Empty

No products in the cart.