CVE

CVE-2023-27470

CVE-2023-27470

BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%GetSupportService_N-CentralPushUpdates, leading to arbitrary file deletion.

Source: CVE-2023-27470

Exit mobile version