It is important to note that Sentinel Labs hasn’t looked into all possible products that could incorporate the vulnerable Eltima SDK, so there could be more products affected by the set of flaws.Īlso, some services are vulnerable on the client-side, others on the server-side, and a few on both, depending on code-sharing policies. Accops HyWorks DVM Tools for Windows: version 3.3.1.102 or lower (Part of Accops HyWorks product earlier than v3.3 R3).Accops HyWorks Client for Windows: version v3.2.8.180 or older.NoMachine, above v4.0.346 below v.7.7.4 (v.6.x is being updated as well).Amazon AppStream client version below: 1.1.304, 2.Amazon NICE DCV, below: 20 (Windows), 20 (Linux), 20 (Mac), 0.However, it is now up to cloud services to upgrade their software to utilize the updated Eltima SDK.Īccording to SentinelOne, the affected software and cloud platforms are: These vulnerabilities have been responsibly disclosed to Eltima, who has already released fixes for affected versions. This elevated access could allow malware to steal credentials that threat actors can use to breach an organization's internal network. "These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded," explained a new report by Sentinel Labs. The implications of exploiting the flaws are significant as they could allow remote threat actors to gain elevated access on a cloud desktop to run code in kernel mode. While about 64% of users of FlexiHub come from the United States, it is also popular in France and Philippines.However, as cloud desktop providers, including Amazon Workspaces, rely on tools like Eltima, SentinelOne warned that millions of users worldwide have become exposed to the discovered vulnerabilities. Relative to the overall usage of users who have this installed on their PCs, most are running Windows 10 and Windows 7 (SP1). The installed file AutoUpdate.dll is the auto-update component of the program which is designed to check for software updates and notify and apply them when new versions are discovered. The setup package generally installs about 5 files and is usually about 14.63 MB (15,340,074 bytes). The primary executable is named flexihub-gui.exe. The software is designed to connect to the Internet and adds a Windows Firewall exception in order to do so without being interfered with. Delaying the start of this service is possible through the service manager. It adds a background controller service that is set to automatically run. Manually stopping the service has been seen to cause the program to stop functing properly. Upon being installed, the software adds a Windows Service which is designed to run continuously in the background. The most common release is 2.6 (build ), with over 98% of all installations currently using this version. FlexiHub is a software program developed by ELTIMA Software.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |