Unauthenticated Command Injection Vulnerability

This document will explain to you about the Unauthenticated Command Injection Vulnerability (CVE-2021-28960) in Endpoint Central, as reported by Chris.

What was the problem?

Unauthenticated command injection due to improper handling of input command in on-demand operations has been fixed.

How do I fix it?

This has been identified and fixed in Endpoint Central build 10.0.683. To apply this fix, follow the steps below:

  1. Log in to your Endpoint Central console, click on your current build number on the top right corner.
  2. You can find the latest build applicable to you. Download the PPM and update.

Keywords: Security Updates, Vulnerabilities and Fixes.