| Product | MagniComp's SysInfo |
| Severity | High |
| CVE Reference | N/A |
| Type | Local Privilege Escalation |
MagniComp's SysInfo enables system administrators to find and view highly detailed system, software, and hardware information on a variety of platforms.
Multiple vulnerabilities have been discovered in MagniComp's SysInfo which allow local users to read, write arbitrary files and execute arbitrary commands with root-level privileges.
Multiple vulnerabilities could allow an attacker to escalate their privileges to root and hence gain full control over the system.
The vulnerabilities are due to insufficient input validation, improper permission checks and insecure search path.
Update to the latest version.
Refer to attached detailed advisory above.
|
Date |
Summary |
|
2016-07-25 |
Reported to MagniComp’s Security Team |
|
2016-07-27 |
Fixes Confirmed |
|
2016-08-23 |
Public Patch Released |
|
2016-09-23 |
Advisory Released |