KLA10160
Multiple vulnerabilities in First Response

Multiple serious vulnerabilities have been found in First Response. Malicious users can exploit these vulnerabilities to cause denial of service or hijack user packets. Below is a complete list of vulnerabilities

1. Non-exclusive socket mode can be exploited locally;
2. Vectors related to FRAgent with enabled SSL can be exploited via specially designed requests;
3. Vectors related to FREgent with only HTTP configured to use can be exploited locally via man-in-the-middle attacks.

Mandiant First Response before 1.1.1

Update to latest version