CVE-2020-37119 – Nsauditor Remote Code Execution Vulnerability

“A malicious network file could turn a trusted auditing tool into a gateway for attackers.”

This patch addresses a high-severity vulnerability (CVE-2020-37119) affecting Nsauditor, a network security auditing and monitoring tool. The issue exists in the application’s handling of certain crafted project or network data files, where improper memory management can lead to memory corruption.

An attacker can exploit this weakness by persuading a user to open a maliciously crafted file within Nsauditor. When processed, the file can trigger remote code execution, allowing attackers to run arbitrary commands on the affected system with the privileges of the user. CVE-2020-37119 carries a CVSS v3.1 score of 7.8 (High).

Updates to the software correct the unsafe memory handling and improve validation when processing external data files. Systems running vulnerable versions remain exposed until the patched version of Nsauditor is installed.
