DESlock+ Support DESlock+ Support
A vulnerability exists which could allow an authenticated Admin level user to escalate their account level
Article ID: KB176 email a link to this article

A vulnerability exists where an Admin user (or any user with a custom role set with permission to upload a DESlock+ Client MSI file) can exploit a flaw to execute arbitrary code, including the ability to escalate their own login level to System Admin.

It is highly recommended that you upgrade immediately to version 2.5.0 (or later) to resolve this issue.


Version 2.5.2 of the Enterprise Server can be downloaded here.

Affected versions

Issue not present 2.3.8 (and earlier)
Issue present 2.3.9 to 2.4.5 (inclusive)
Issue resolved 2.5.0 (and later)