DESlock+ Support DESlock+ Support
Knowledgebase
A vulnerability exists which could allow an authenticated Admin level user to escalate their account level
Article ID: KB176 email a link to this article

A vulnerability exists where an Admin user (or any user with a custom role set with permission to upload a DESlock+ Client MSI file) can exploit a flaw to execute arbitrary code, including the ability to escalate their own login level to System Admin.

It is highly recommended that you upgrade immediately to version 2.5.0 (or later) to resolve this issue.

Download

Version 2.5.2 of the Enterprise Server can be downloaded here.

Affected versions

Issue not present 2.3.8 (and earlier)
Issue present 2.3.9 to 2.4.5 (inclusive)
Issue resolved 2.5.0 (and later)

 

(0 vote(s))
Helpful
Not helpful