CVE-2009-5150
Last modified
CVE-2009-5150 is a vulnerability of currently unknown severity. Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a privileged local user to execute arbitrary code even after that user loses access and all disk partitions are reformatted.. EPSS estimates a 0.55% chance of exploitation in the next 30 days.
Description
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a privileged local user to execute arbitrary code even after that user loses access and all disk partitions are reformatted.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Absolute | Computrace Agent | 80.845 |
| Absolute | Computrace Agent | 80.866 |
References
- https://www.coresecurity.com/system/files/publications/2016/05/Paper-Deactivate-the-Rootkit-AOrtega-ASacco.pdfExploit, Technical Description, Third Party Advisory
- https://www.coresecurity.com/system/files/publications/2016/05/Paper-Deactivate-the-Rootkit-AOrtega-ASacco.pdfExploit, Technical Description, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-5150?
How severe is CVE-2009-5150?
How do I fix CVE-2009-5150?
Are you affected by CVE-2009-5150?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST