# Agent Authentication Mechanism Enhancement (CVE-2020-28050)

Previously, the Desktop Central agents were authenticated using a single token for an instance. Now, the agent authentication mechanism has been upgraded so that each specific Desktop Central agent is authenticated using a unique certificate. The vulnerability was reported by Tomasz Kuczyński.

## How do I fix it?

This has been identified and fixed in Desktop Central build **10.0.647**. Customers have to upgrade to build **10.0.647 or above** to patch this vulnerability.

The following are the steps to enable Client Certificate Authentication to address this vulnerability:

**Login to the web console and navigate to Admin > Security and Privacy > Security Settings > Enable Client Certificate Authentication.**

You may also refer to [this link](https://www.manageengine.com/products/desktop-central/client-certificate-authentication.html) for more information.

For any queries, feel free to contact our support team at **endpointcentral-support@manageengine.com**

**Note:** This vulnerability is not applicable to cloud editions of Desktop Central, Patch Manager Plus, and Remote Access Plus.

**Keywords:** Security Updates, Vulnerabilities and Fixes.

[Knowledge Base](https://www.manageengine.com/products/desktop-central/knowledge-base.html)