Remote Command Execution Vulnerability

This document will explain you about the vulnerability reported by Digital Defense,Inc., which allows any user who is connected to the same network as that of the machine in which the Desktop Central Server is running, to remotely execute commands on the server machine. You can find more details on its impact in Desktop Central, and the steps to be followed to get it fixed.

What was the Problem?

Any user who  is connected to the same network as that of the machine in which the Desktop Central Server is running, can remotely execute commands on the server machine.

How do I fix it?

This has been identified and fixed on 01-02-2018. Follow the below steps to apply this fix,

  1. Log in to your Desktop Central console, click on your current build number on the top right corner.
  2. You can find the latest build applicable to you. Download the PPM and update.
Note: Whenever there is a security fix available, you will be notified in Desktop Central web console from where you can apply the fix.

 

Keywords: Security Updates, Vulnerabilities and Fixes, Remote Command Execution.