Delinea Protocol Handler Vulnerability Allows Remote Code Execution
/ 1 min read
🕷️ Delinea Protocol Handler Vulnerability Exposes Users to Remote Code Execution. A critical vulnerability in the Delinea Secret Server Protocol Handler allows remote attackers to execute arbitrary code on user machines through a malicious URL handler. This flaw can be exploited if users are tricked into visiting a compromised webpage or opening a harmful document, potentially leading to malware installation or data exfiltration. The affected versions include those below 6.0.3.28, which require manual upgrades to the patched version 6.0.3.31. Delinea has acknowledged the issue and released a fix in Secret Server version 11.7.000049, which prevents the loading of unauthorized transforms. Users are advised to update their software to mitigate this security risk.
