First published: Fri Aug 04 2023(Updated: )
An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
NoMachine NoMachine | <8.8.1 | |
Apple macOS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-39107 is an arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1.
CVE-2023-39107 allows attackers to overwrite root-owned files by using hardlinks in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1.
The severity of CVE-2023-39107 is critical with a CVSS score of 9.1.
To fix CVE-2023-39107, update NoMachine to version 8.8.1 or later.
No, Apple macOS is not affected by CVE-2023-39107.