Subscribe via feed.

RSA NetWitness Endpoint EDR Agent 12.x Incorrect Access Control / Code Execution

Posted by deepcore on March 25, 2023 – 3:11 am

RSA NetWitness Endpoint EDR Agent version 12.x suffers from incorrect access controls that allow for code execution. It allows local users to stop the Endpoint Windows agent from sending the events to a SIEM or make the agent run user-supplied commands.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.