Missing Digital Signature from Configuration Block
Published: May 11, 2018 | Last Updated: Sep 24, 2020
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a privileged local user to execute arbitrary code even after that user loses access and all disk partitions are reformatted.
|Product||Platform||Fix Versions||Fix Version Release Date|
|Rpcnet.exe v857 and earlier||Windows OS||944||Feb 1, 2011|
|Rpcnetp.exe v957 and earlier||Windows BIOS||961||Jul 14, 2017|
Agent versions referenced above have addressed the security concerns by authenticating the server as part of establishing secure communications. With the above security updates, the vulnerability is limited to an administrator on the device interrupting communications to Absolute systems.
N/ARead more about NIST CVE-2009-5150