Take Control Vulnerability in Nable (Time-of-Check to Time-of-Use)

Resolved
Resolved

We have resolved the issue. Thank you for your patience.

Avatar for
Identified

Omega Systems is aware of a vulnerability in the Take Control application utilized for remote management and support. The vulnerability was responsibly disclosed to Nable by a security researcher on February 27th 2023 and a patch was released to remediate by March 15th 2023. This vulnerability is not an external access issue and would require local system access to exploit. Out of an abundance of caution Omega Systems has audited all installs to validate the versions deployed are not vulnerable. If any remediation is needed an Omega System technician will perform the updates using automated tools to limit the need for user disruption. Additional details can be found in the links below:

https://nvd.nist.gov/vuln/detail/CVE-2023-27470

We appreciate your business and if you have any questions, please email us at servicedesk@omegapa.com or call us at 484.772.1110.

Thank you,

Omega Systems N-Central Administrator Office 610.678.7002 | Service Desk 484.772.1110

Avatar for
Began at:

Affected components
  • Support Services
    • Smart Support