Goverlan Products Vulnerability: Temporary Windows Firewall Bypass

Goverlan Products Vulnerability: Temporary Windows Firewall Bypass

CVE-2022-31215 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.

Learn more about our Cis Benchmark Audit For Server Software.