Insecure Permissions in Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2: Arbitrary File Creation with Local System Privileges

Insecure Permissions in Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2: Arbitrary File Creation with Local System Privileges

CVE-2023-35799 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.

Learn more about our User Device Pen Test.