Description
An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM privileges.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
No history.
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-01T23:13:07.423Z
Reserved: 2024-01-22T00:00:00.000Z
Link: CVE-2024-23774
Updated: 2024-08-01T23:13:07.423Z
Status : Deferred
Published: 2024-04-30T14:15:15.103
Modified: 2026-06-17T07:13:34.793
Link: CVE-2024-23774
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')