CVE-2022-26503 - Veeam Agent for Windows Deserialization Vulnerability – Local SYSTEM Privilege Escalation Explained
---
In this deep dive, we uncover how CVE-2022-26503 allows attackers to turn Veeam Agent for Windows into a tool for escalating privileges to SYSTEM.
CVE-2022-25249 - Directory Traversal Vulnerability in Axeda Agent and Desktop Server – Exploit Details and Mitigation
In early 2022, cybersecurity researchers discovered a serious vulnerability in the Axeda Agent (all versions except 6.9.2 and 6.9.3) and Axeda
CVE-2022-25247 - How Axeda Agent Flaw Lets Hackers Take Over Medical Devices (Exploit Analysis)
*Posted in June 2024 by Security Insights*
Introduction
If you thought your hospital’s medical devices were secure on the network, think again. CVE-2022-25247 is
CVE-2022-25246 Axeda agent and desktop server hard-coded credentials for UltraVNC.
The hard-coded credentials can be found in the 'server_install_dir/config/install.vnc' file of the UltraVNC installation. The file contains the
CVE-2022-25251 An agent or desktop server may allow attackers to send certain XML messages to a specific port without proper authentication.
The vulnerability exists due to improperly filtering XML data sent to a specific port. An attacker could exploit this vulnerability by sending specially crafted XML
Episode
00:00:00
00:00:00