Remote Code Execution Vulnerability in cryptctl 2.0 and Earlier Versions

Remote Code Execution Vulnerability in cryptctl 2.0 and Earlier Versions

CVE-2017-9270 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database.

Learn more about our Cis Benchmark Audit For Server Software.