Skip to main content

Who is this article for?

Code42 for EnterpriseSee product plans and features
CrashPlan for Small Business 

CrashPlan for Small Business, yes.

Code42 for Enterprise, yes.

Link: Product plans and features.

Code42 Support

Code42 security advisories

Who is this article for?

Code42 for EnterpriseSee product plans and features
CrashPlan for Small Business 

CrashPlan for Small Business, yes.

Code42 for Enterprise, yes.

Link: Product plans and features.

Overview

This article provides advisories about security vulnerabilities in Code42 products. These security vulnerabilities have been submitted to the Mitre Common Vulnerabilities and Exposures (CVE) list.

To protect the security of our customers, we don't publish a security advisory until a vulnerability has been fully investigated and a patch or update is available that resolves the issue.

For more information about security at Code42, see our Security page. If you believe you've found a Code42 security vulnerability, see Report a security vulnerability to Code42.

If you have questions or concerns, contact our Customer Champions for support.

Security advisories

Click the title of the advisory for more information, including affected versions and the version that you should upgrade to in order to resolve the issue. 

Publish date  Title
September 16, 2019 Arbitrary file creation on Code42 servers
August 19, 2019 Users can restore files to locations they do not have write access to
July 11, 2019 Privilege Escalation in LoginToken API
July 11, 2019 Untrusted data is executed as System via a PAC file read by CrashPlanService.exe
December 13, 2018 Permissions vulnerability in Code42 app on Linux

Sign up for email notifications

If you want to be notified when Code42 identifies a security vulnerability, sign up for email notifications

Other resources