CVE-2019-19895
Description
In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system. An authenticated attacker can, by modifying %SYSTEMDRIVE%\IXP\SW\[PACKAGE_CODE]\EveryLogon.bat, achieve this movement and execute code in the context of other users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In IXP EasyInstall 6.2.13723, an authenticated attacker can modify a batch file to laterally move and execute code as other users.
Vulnerability
In IXP EasyInstall version 6.2.13723, an authenticated attacker can perform lateral movement by modifying the file %SYSTEMDRIVE%\IXP\SW\[PACKAGE_CODE]\EveryLogon.bat. This file is executed at each logon for other users, allowing the attacker to inject arbitrary commands.
Exploitation
An attacker must have valid authentication to the target system. They then modify the EveryLogon.bat file corresponding to a specific package code. No additional privileges are required beyond standard user access to that file path. The modified script executes in the context of other users when they log on.
Impact
Successful exploitation allows the attacker to execute arbitrary code in the security context of other users on the same system. This leads to privilege escalation and lateral movement, potentially compromising sensitive data or system integrity.
Mitigation
As of the publication date (2020-01-23), no official patch or mitigation has been disclosed in the available references [1]. Organizations should consider restricting write access to the IXP\SW\ directory or monitoring modifications to batch files.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: = 6.2.13723
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.