VYPR

KACE Agent for Windows

by Quest

CVEs (3)

  • CVE-2024-23774HigApr 30, 2024
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM…

  • CVE-2024-23773HigApr 30, 2024
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges.

  • CVE-2024-23772MedApr 30, 2024
    risk 0.43cvss 6.6epss 0.00

    An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT…