Skip to main content

App vulnerabilities

CVE Installed Applications

OS: Windows

Description

Checks if there are any known CVEs for the installed applications.

Recommendation

Keep the installed applications up to date with the latest available patches.

SAM File readable by users

OS: Windows

Description

Verifies if regular users are allowed to read the Security Account Manager (SAM) data. Non-admin users should not be allowed to read critical files, but a vulnerability (known as HiveNightmare or SeriousSam) has been discovered in Windows 11 and Windows 10 version 1809 and above, which involved a "bad" ACL being set on the %SystemRoot%\System32\Config folder, making it possible for regular users to access the SAM, SYSTEM, SECURITY and other critical files.

Recommendation

Keep the installed applications up to date with the latest available patches.