Primary

Context

SIOS Technology Quick Agent V2 and V3 Improper Access Control Vulnerability Allowing Arbitrary Host Login

Vulnerability

An improper access control vulnerability has been identified in Quick Agent V2 and V3, prior to the latest versions. This vulnerability allows remote unauthenticated attackers to attempt to log in to arbitrary hosts via the Windows system where Quick Agent is installed.

Impact

Exploitation of this vulnerability could lead to unauthorized login attempts on arbitrary hosts through the Windows system running Quick Agent.

Remediation

Users are advised to update Quick Agent to the latest version. Quick Agent V3 users should update to version 3.2.1 or later, and Quick Agent V2 users should update to version 2.9.8 or later. The latest versions can be downloaded from the SIOS Technology MFP Support Site.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SIOS Technology Quick Agent V2 and V3 Improper Access Control Vulnerability Allowing Arbitrary Host Login

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating