Cybereason Vulnerability Disclosure

CVE-2020-25502: Cybereason Defense Platform DLL Hijacking Issue (FIXED)

In July 2020, Cybereason was made aware of a vulnerability in some versions of the Cybereason Defense Platform that could allow lower privileged users or processes to access and gain additional control over vulnerable endpoints.

This vulnerability has been remediated for all supported server and sensor versions as follows:

  • 19.1.282 and above
  • 19.2.182 and above
  • 20.1.343 and above
  • 20.2.X and above

Credit: This issue was discovered by the Lockheed Martin Red Team and validated by the Cybereason Security Team.

For any questions, please Contact Us.