Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27904 | 2 Apple, Automox | 2 Macos, Automox | 2023-02-08 | 6.9 MEDIUM | 7.0 HIGH |
| Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. | |||||
| CVE-2022-36122 | 2 Automox, Microsoft | 2 Automox, Windows | 2022-10-24 | N/A | 7.8 HIGH |
| The Automox Agent before 40 on Windows incorrectly sets permissions on key files. | |||||
| CVE-2021-26909 | 1 Automox | 1 Automox | 2022-04-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent. | |||||
| CVE-2022-24308 | 4 Apple, Automox, Linux and 1 more | 4 Macos, Automox, Linux Kernel and 1 more | 2022-04-20 | 2.1 LOW | 5.5 MEDIUM |
| Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process. | |||||
| CVE-2021-43326 | 2 Automox, Microsoft | 2 Automox, Windows | 2022-03-29 | 4.6 MEDIUM | 7.8 HIGH |
| Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. | |||||
| CVE-2021-43325 | 2 Automox, Microsoft | 2 Automox, Windows | 2021-12-17 | 4.6 MEDIUM | 7.8 HIGH |
| Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this issue exists because of a CVE-2021-43326 regression. | |||||
| CVE-2021-26908 | 1 Automox | 1 Automox | 2021-05-05 | 2.1 LOW | 3.3 LOW |
| Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent. | |||||