Improper Integrity Check in SAFE'N'SEC SoftControl/SafenSoft SysWatch, TPSecure, and Enterprise Suite Allows Remote Code Execution

Improper Integrity Check in SAFE'N'SEC SoftControl/SafenSoft SysWatch, TPSecure, and Enterprise Suite Allows Remote Code Execution

CVE-2018-13012 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server.

Learn more about our Cis Benchmark Audit For Server Software.