This document explains the DLL hijacking vulnerability in Endpoint Central MSP. This vulnerability was reported by Andrea Ghelli (CVE-2020-9367).
Endpoint Central MSP accesses external libraries for specific operations via EXE files. The vulnerability leverages the qualified path used for accessing the DLL files.
When the desired DLL file is not found, it is searched for using the standard search methods. If at least one of the searched directories grants write permission to normal users, an attacker can substitute the DLL file with a malicious file of the same name.
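One way to audit for the condition described above, as an added example that is not part of the original advisory or the vendor's tooling: the script lists directories on the DLL search path where low-privileged groups can create files. `$AppDir` is a placeholder for the product's install directory, and only the application directory and the machine `PATH` are checked.

```powershell
param(
    # Assumption: placeholder path; pass the product's real install directory.
    [string]$AppDir = 'C:\Path\To\Product\bin'
)

# Low-privileged well-known SIDs: Everyone, Authenticated Users, BUILTIN\Users, INTERACTIVE.
$lowPriv = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545', 'S-1-5-4'
# CreateFiles/WriteData (0x2), GENERIC_WRITE (0x40000000), GENERIC_ALL (0x10000000).
$writeBits = 0x2 -bor 0x40000000 -bor 0x10000000
$sidType = [System.Security.Principal.SecurityIdentifier]
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

# Directories searched when a DLL is loaded by bare name: the application
# directory first, then (after the system directories) each PATH entry.
$dirs = @($AppDir) + ([Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';')
$dirs = $dirs | Where-Object { $_ } |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_.Trim().Trim('"')) } |
    Select-Object -Unique

foreach ($dir in $dirs) {
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        # A missing entry is worth reviewing: whoever can create it controls it.
        [pscustomobject]@{ Directory = $dir; Principal = '-'; Rights = 'directory does not exist' }
        continue
    }
    # Ask for identities as SIDs so the check does not depend on localized group names.
    $rules = (Get-Acl -LiteralPath $dir).GetAccessRules($true, $true, $sidType)
    foreach ($rule in $rules) {
        # Only Allow ACEs that apply to the directory itself are considered.
        # Deny ACEs are not evaluated, so treat each hit as a candidate to review.
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if (([int]($rule.PropagationFlags -band $inheritOnly)) -ne 0) { continue }
        if ($lowPriv -notcontains $rule.IdentityReference.Value) { continue }
        if ((([int]$rule.FileSystemRights) -band $writeBits) -ne 0) {
            [pscustomobject]@{
                Directory = $dir
                Principal = $rule.IdentityReference.Value
                Rights    = $rule.FileSystemRights
            }
        }
    }
}
```

Any directory reported here should have its ACL tightened or be removed from the machine `PATH`; an empty result means none of the checked directories grants file-creation rights to the listed groups.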
This has been identified and fixed in Endpoint Central MSP build 10.0.486. To apply this fix, follow the steps below:
Keywords: Security Updates, Vulnerabilities and Fixes.