GCVE - cpe:2.3:a:netwrix:cososys_unify:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:netwrix:cososys_unify:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Netwrix (`2c17eb0e-c1fa-5beb-87ec-e19d616e165b`)
Product	Cososys Unify (`79beda16-9088-5acb-8d80-462c67673b93`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-36075`	vulnerable	2026-06-08 06:39:43.614373	Details available The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify the archive on the server could obtain remote code execution as an administrator on an endpoint. Published: 2024-06-27T00:00:00.000Z Updated: 2024-08-02T03:30:12.995Z Open on db.gcve.eu Reference links https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-36074`	vulnerable	2026-06-08 06:39:43.611701	Details available Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to the Endpoint Protector or Unify server can cause a client to acquire and execute a malicious file resulting in remote code execution. Published: 2024-06-27T00:00:00.000Z Updated: 2024-08-02T03:30:12.958Z Open on db.gcve.eu Reference links https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-36073`	vulnerable	2026-06-08 06:39:43.611220	Details available Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or Unify server to overwrite sensitive configuration and subsequently execute system commands with SYSTEM/root privileges on a chosen client endpoint. Published: 2024-06-27T00:00:00.000Z Updated: 2024-08-02T03:30:12.673Z Open on db.gcve.eu Reference links https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-36072`	vulnerable	2026-06-08 06:39:43.610611	Details available Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in the ability to execute system commands with root privileges. Published: 2024-06-27T00:00:00.000Z Updated: 2024-08-02T03:30:12.535Z Open on db.gcve.eu Reference links https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.