Vulnerabilities > NCP E > Secure Enterprise Client > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-25 CVE-2023-28872 Link Following vulnerability in Ncp-E Secure Enterprise Client 10.14/10.15/12.22
Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport* location.
network
low complexity
ncp-e CWE-59
8.8
8.8
2023-12-09 CVE-2023-28868 Link Following vulnerability in Ncp-E Secure Enterprise Client 10.14/10.15
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link.
network
low complexity
ncp-e CWE-59
8.1
8.1
2020-07-28 CVE-2020-11474 Link Following vulnerability in Ncp-E Secure Enterprise Client 10.14/10.15
NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant.
local
low complexity
ncp-e CWE-59
7.8
7.8