Integer overflow vulnerability

This document explains two Remote Code Execution vulnerabilities CVE-2020-15588 and CVE-2020-15589 that have been reported.

Vulnerability ID :CVE-2020-15588, CVE-2020-15589
Update Release build : 100350
Update Release Date : 27-July-2020
Reported by: Dennis Elser

 

What was the problem?

The client side of Zohocorp ManageEngine Endpoint Central is affected by two vulnerabilities that allow for unauthenticated RCE with SYSTEM privileges.

How do I fix it?

These vulnerabilities have been identified and fixed. To apply the fix, follow the steps mentioned below:

    1. Log in to your Vulnerability Manager Plus console, click on your current build number on the top right corner.
    2. You can find the latest build applicable to you. Download the PPM and update.

 

Keywords: Query Execution, Security Updates, Vulnerabilities and Fixes.