← Back

Automox

automox

7 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Automox
automox
7 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-36122
1Automox
1Automox
May 8, 2025
Oct 21, 2022
N/A· v4
7.8 HIGH· v3
N/A· v2
The Automox Agent before 40 on Windows incorrectly sets permissions on key files.
CVE-2022-27904
1Automox
1Automox
Nov 21, 2024
Jul 1, 2022
N/A· v4
7.0 HIGH· v3
6.9 MEDIUM· v2
Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process.
CVE-2022-24308
1Automox
1Automox
Nov 21, 2024
Apr 13, 2022
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process.
CVE-2021-43326
1Automox
1Automox
Nov 21, 2024
Dec 15, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory.
CVE-2021-43325
1Automox
1Automox
Nov 21, 2024
Dec 15, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this issue exists because of a CVE-2021-43326 regression.
CVE-2021-26909
1Automox
1Automox
Nov 21, 2024
Apr 23, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has s...Show more
Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent.Show less
CVE-2021-26908
1Automox
1Automox
Nov 21, 2024
Apr 23, 2021
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been...Show more
Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent.Show less