CommunityUniversityDevelopersSupportLogin
Platform
Solutions
Pricing
Resources
Partners

FEATURES

View features overview

Automation

AI-powered IT Automation for All Your Endpoints

Ask Otto
Custom scripts with ease

Configuration

Automatically enforce device configurations

Worklets Catalog
Plug-and-play device configuration

Patching

Automated Cross-OS & Hundreds of Third-Parties

Software Catalog
Truly automated, secure patching

Vulnerability Remediation

Automated and Manual Vuln Sync and Remediation

Automated Vulnerability Remediation (AVR)
Connect to scanners and remediate in minutes

Remote Control

Instantly Troubleshoot Windows and macOS

Reporting

Dashboard, PDF Exports and API Flexibility

Deployment

Automatically Deploy Hundreds of Software Titles

Cloud Architecture

Zero Hardware and Fast, Reliable Agent

Services & Support Plans

Maximize your ROI + upskill your team

Security

Best-in-class security, always free

INSTANT DEMOS

Deploy in Seconds

Remote Access

FixNow

Ask Otto AI Scripting

Software Deployment

Single Pane Dashboard

Automate with Worklets

Find & Fix Vulnerabilities

Worklets Catalog

Cross OS Patching

Cross OS Visibility

Desired State Config

Endpoint Organization

Secure Script Signing

Ratings & Reviews

Thousands of Customers Managing 1,250,077 Endpoints

OUTCOMES

Automated Cross-OS Updates

Everything Updated — Desktops, Laptops, Servers

Visibility & Reporting

Prove Everything in Your Environment is Up to Date

Automated Software Updates

One Source to Keep All Your Software Up to Date

Zero-Hardware IT Cloud

No VPN, No Servers, One Fast, Reliable Agent

Automated Configuration

Eliminate Drift and Keep Everything Up to Date

Cross-Platform Troubleshooting

Quickly Resolve Windows & macOS Tickets

INDUSTRIES

State & Local Government

K-12 Education

Colleges & Universities

Pharmaceuticals

Sports Organizations

MSPs

SaaS

TOPICS

View all

IT Automation

Patching & Endpoint Automation

Vulnerability Remediation

IT Operations

Patch Tuesday

Automox Updates

SOURCES

View all

Events

Blog

Reports & Guides

Case Studies

Solution Briefs

News & Press

Videos

Podcasts

FEATURED

UPCOMING

View all

AUTOMOX+

View partners overview

Rapid7

Maximize your Rapid7 investment with Automox

ServiceNow

Empower your data to do more

SentinelOne

Scale and safeguard every endpoint, easily

Splunk

Comprehensive insights drive better decisions, faster

Crowdstrike

The new standard in cloud-native endpoint security

Freshworks

Streamlined IT service management

lansweeper

Cut complexity and conquer vulnerabilities

Microsoft InTune

Get Intune with your endpoint management

MORE WAYS TO BUY

Distributors & Resellers

Outside the US and Canada

Managed Service Providers

Find an Automox MSP

AWS Marketplace

Security Bulletin

Severity

CVE-2022-36122
09/02/2022
Local Privilege Escalation in the Automox Agent (Windows Only)
High (7.8)

Severity: High

CVE Score: 7.8

CVE Vector String: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description: The Automox Agent prior to version 40 for windows incorrectly sets permissions on key files.

Affected Products:

  • Automox Agent for Windows before version 40

Source: Reported by Synack Red Team

Severity: High

CVE Score: 7.7

CVE Vector String: AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Description: Automox Agent for OSX before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process.

Affected Products:

  • Automox Agent for OSX before version 39

Source: Reported by Anonymous

Severity: Medium

CVE Score: 4.4

CVE Vector String: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Description: Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process.

Affected Products:

  • Automox Agent prior to version 37 (Windows and Linux)
  • Automox Agent prior to version 36 (OSX)

Source: Reported by Mostafa Soliman

Severity: High

CVE Score: 7.8

CVE Vector String: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description: The Automox Agent prior to Version 32 incorrectly sets permissions on a temporary directory while running in Windows environments.

Affected Products:

  • Automox Agent prior to version 32 (windows only)

Source: Reported by Greg Foss

Severity: High

CVE Score: 7.8

CVE Vector String: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description: The Automox Agent Version 33 incorrectly sets permissions on a temporary directory while running in Windows environments.

Affected Products:

  • Automox Agent version 33 (windows only)

Source: Reported by Adam Nadrowski and Ryan Garbars - Automox Security

Severity: Low

CVE Score: 3.7

CVE Vector String: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Description: The automox agent exposes an easily guessed endpoint in the Automox AWS infrastructure

Affected Products:

  • Automox agents prior to version 31

Source: Reported by Rapid7 researcher Danny Jordan

Severity: Low

CVE Score: 3.3

CVE Vector String: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description: Automox Agent improperly logs sensitive information on the local endpoint.

Affected Products:

  • Automox agents prior to version 31

Source: Reported by Rapid7 researcher Danny Jordan

Start your free trial.

Join over 1,249,577 endpoints managed with Automox.

start your free trial now

PRODUCT

OverviewFeaturesWorkletsPricingRoadmap

COMPANY

AboutLeadershipNewsCareersDiversity in ITContact

DOCS

DocsAPIFAQ

CUSTOMERS

SupportCommunityUniversityDevelopersPartners

SOCIAL

LEGALTerms of UsePrivacy PolicyMaster Services Agreement
CSA STAREU-US DPGDPRPCI DSSSOCTX-RAMP
Copyright © 2024 Automox. AUTOMOX is a registered trademark in the US and other countries.
CSA STAREU-US DPGDPRPCI DSSSOCTX-RAMP