CVE-2018-10959

Published: Apr 17, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://hackandpwn.com/cve-2018-10959/

x_refsource_MISC

https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf

x_refsource_MISC

https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf

x_refsource_MISC

https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf

x_refsource_MISC

https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-10959

Description

Affected Products

References