Vulnerability in Rapid7 Velociraptor

CVE-2022-35631

On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0…

EPSS: 0.001 (28.7th percentile) — read the EPSS interpretation.

Affected products

Rapid7 Velociraptor — versions 0.6.5-2

Weakness classification (CWE)

CWE-377 — Insecure Temporary File

References

www.rapid7.com/blog/post/2022/07/26/cve-2022-35629-35632-velociraptor-multiple-… (x_refsource_CONFIRM)