Security Updates on Vulnerabilities

Remote Code Execution Vulnerabilities

This document will explain you about the vulnerabilities, which allows attackers to execute arbitrary code on the Endpoint Central server. You can find more details on its impact in Endpoint Central MSP, and the steps to be followed to get it fixed.

Vulnerabilities Update Released Build Update Released Date
CVE-2014-5005, CVE-2014-5006,
CVE-2014-5007, CVE-2013-7390
90055 Aug 7th 2014
CVE-2014-9371 90066 Sep 10th 2014
Remote Code Execution on ZohoMeetingAppletInstall.jar 90128 Jan 22nd 2015
Remote Code Execution in System tools' execution status update 91043 Jul 13th 2015
Remote Code Execution while uploading recorded remote sessions to the server 91093 Oct 24th 2015
CVE-2015-82001 & Remote Code Execution in few servlets 91100 Dec 12th 2015
CVE-2017-11346 Remote Code Execution while uploading help desk videos
100092 May 22nd 2017


What was the Problem?

Attackers were able to remotely execute vulnerable arbitrary codes on Endpoint Central MSP server. This might hinder or harm the data or process of Endpoint Central MSP.

How do I fix it?

This has been identified and fixed, in the Endpoint Central MSP build # 100092. Upgrade to the latest build for these issues to be fixed. 

Keywords: Remote Code Execution, Security Updates, Vulnerabilities and Fixes, CVE-2014-5005, CVE-2014-5006, CVE-2014-5007, CVE-2013-7390, CVE-2014-9371, ZohoMeetingAppletInstall.jar

Remote Desktop & Mobile Device Management Software for MSPs trusted by