LANDesk(R) Management Agent Service Vulnerability: Privilege Escalation via Signed Executables

CVE-2022-30121 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.

Learn more about our User Device Pen Test.