Vulnerabilities > Automox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-21 | CVE-2022-36122 | Incorrect Permission Assignment for Critical Resource vulnerability in Automox The Automox Agent before 40 on Windows incorrectly sets permissions on key files. | 7.8 |
| 2022-07-01 | CVE-2022-27904 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Automox Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. | 7.0 |
| 2022-04-13 | CVE-2022-24308 | Unspecified vulnerability in Automox 31/32/33 Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process. | 2.1 |
| 2021-12-15 | CVE-2021-43325 | Incorrect Default Permissions vulnerability in Automox 33 Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. | 4.6 |
| 2021-12-15 | CVE-2021-43326 | Incorrect Default Permissions vulnerability in Automox 31 Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. | 4.6 |
| 2021-04-23 | CVE-2021-26909 | Use of Insufficiently Random Values vulnerability in Automox Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. | 5.0 |
| 2021-04-23 | CVE-2021-26908 | Information Exposure Through Log Files vulnerability in Automox Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. | 2.1 |