Explore expert insights, tips, and best practices to optimize your IT operations
Tap into a wealth of knowledge from your peers, industry experts, and the ControlUp team, deepening your understanding of ControlUp products and solutions.
ControlUp helps IT teams address common digital workplace experience challenges, no matter their use cases or existing technologies.
ControlUp offers a rich set of capabilities to improve the digital experience for employees using any desktop, any application, anywhere.
Explore expert insights, tips, and best practices to optimize your IT operations
Tap into a wealth of knowledge from your peers, industry experts, and the ControlUp team, deepening your understanding of ControlUp products and solutions.
A global organization of technology professionals transforming the desktop monitoring marketplace.
Severity: Medium
Update Release Date: February 17, 2022
Fix version: Version >= 8.6 for both Hybrid Cloud and COP (On-Premises)
What was the problem?
A local privilege escalation may be possible due to an insecure call to the CreateProcessAsUserA (Unquoted path) WinAPI function while the ControlUp Real-Time Agent is running.
The prerequisites for exploiting this vulnerability are very uncommon and include write access to C:\ by a low-privilege user and the ability to restart the cuAgent service.
Solution
We advise you to do the following:
- Upgrade to the latest 8.6 version of ControlUp (Hybrid Cloud and On-Premises).
- Deploy the latest ControlUp Real-Time Agent to all endpoints.
It is important to update/uninstall all ControlUp Real-Time Agents even if they are no longer in use. You can watch this 2-minute video to learn how to easily find machines with older ControlUp Real-Time Agent versions.
Upgrade Guides:
Upgrade Guide for Hybrid Cloud 8.x to 8.6On-Premises Upgrade Guide 8.x to 8.6
Please read more about the new features and security enhancements in our Security Best Practices Guide.