Skip to main content
Contact Support

Who is this article for?

Code42 for Enterprise
CrashPlan for Small Business

Code42 for Enterprise, yes.

CrashPlan for Small Business, yes.

HOME
GETTING STARTED
RELEASE NOTES
FAQS
SYSTEM STATUS
Code42 Support

Code42 security advisories

  1. Last updated
  2. Save as PDF

Who is this article for?

Code42 for Enterprise
CrashPlan for Small Business

Code42 for Enterprise, yes.

CrashPlan for Small Business, yes.

Overview

This article provides advisories about security vulnerabilities in Code42 products. These security vulnerabilities have been submitted to the Mitre Common Vulnerabilities and Exposures (CVE) list.

To protect the security of our customers, we don't publish a security advisory until a vulnerability has been fully investigated and a patch or update is available that resolves the issue.

For more information about security at Code42, see our Security page. If you believe you've found a Code42 security vulnerability, see Report a security vulnerability to Code42.

If you have questions or concerns, contact our Customer Champions for support.

Security advisories

Click the title of the advisory for more information, including affected versions and the version that you should upgrade to in order to resolve the issue. 

Publication date  Title
July 6, 2020 Remote code execution on Code42 servers
November 15, 2019

Arbitrary code execution on local Windows devices

 

Arbitrary code execution on local Windows servers
September 16, 2019 Arbitrary file creation on Code42 servers
August 19, 2019 Users can restore files to locations they do not have write access to
July 11, 2019 Privilege Escalation in LoginToken API
July 11, 2019 Untrusted data is executed as System via a PAC file read by CrashPlanService.exe
December 13, 2018 Permissions vulnerability in Code42 app on Linux

Sign up for email notifications

If you want to be notified when Code42 identifies a security vulnerability, sign up for email notifications

Other resources