This document addresses the specific challenges associated with the privilege escalation vulnerability in Endpoint Central agent.
Severity: High
Attack Vector: Local
Fixed build:
For versions 11.3.2416.18 or below, upgrade to version 11.3.2416.20
For versions 11.3.2428.02 or below, upgrade to 11.3.2428.04
Fix release date: 30-Aug-2024
Reported by: Krzysztof via ZohoCorp Bug bounty program
A standard user can replace the DLLs in the folder outside of the agent directory by tampering with the code sign of the DLL, and gains admin privilege via the replaced DLL.
Note: This issue is not applicable to Cloud versions.
Upgrading to the latest version is strongly advised due to this vulnerability's severity. To upgrade, follow the below steps:
For any further questions or concerns on this, please write to our support team.
Thank you for your feedback!
Sorry about that!