CVE-2023-26078
Description
Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Local privilege escalation in Atera Agent for Windows via repair operation allows unprivileged users to gain SYSTEM privileges.
Vulnerability
Atera Agent versions 1.8.4.8 and prior on Windows contain a local privilege escalation vulnerability due to mishandling of privileged APIs. The installation uses the Windows Installer framework with an MSI file cached in C:\Windows\Installer. An unprivileged user can trigger a repair operation, which executes commands in a SYSTEM context [1].
Exploitation
An authenticated local user can trigger a repair operation using the Windows Installer API or by running msiexec.exe /fa c:\Windows\Installer\[XXXXX].msi. This opens a Command Prompt window from a SYSTEM context. By freezing the window (e.g., highlighting text with the mouse), the attacker can access the Properties window, which contains hyperlinks that can open a web browser as SYSTEM. User interaction (freezing the window) is required [1].
Impact
Successful exploitation grants the attacker SYSTEM-level privileges, leading to full compromise of confidentiality, integrity, and availability of the affected system [1].
Mitigation
The vulnerability was fixed in Atera Agent version 1.8.4.9, released on 2023-06-26. Users should update to this version or later [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Atera/Agentdescription
- Range: <=1.8.4.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.