Code42 security advisories
Who is this article for?
Incydr Professional, Enterprise, and Gov F2
Incydr Basic, Advanced, and Gov F1
CrashPlan Cloud
Other product plans
Incydr Professional and Enterprise, yes.
Incydr Basic and Advanced, yes.
CrashPlan Cloud, yes.
Other product plans, yes.
CrashPlan for Small Business, yes.
Overview
This article provides advisories about security vulnerabilities in Code42 products. These security vulnerabilities have been submitted to the Mitre Common Vulnerabilities and Exposures (CVE) list.
Security advisories
Click the title of the advisory for more information, including affected versions and the version that you should upgrade to in order to resolve the issue.
| CVE ID | Publication date | Title |
|---|---|---|
| CVE-2020-12736 | July 6, 2020 | Remote code execution on Code42 servers |
|
|
November 15, 2019 |
Arbitrary code execution on local Windows devices
|
| CVE-2019-15131 | September 16, 2019 | Arbitrary file creation on Code42 servers |
| CVE-2019-11551 | August 19, 2019 | Users can restore files to locations they do not have write access to |
| CVE-2019-11553 | July 11, 2019 | Privilege Escalation in LoginToken API |
| CVE-2019-11552 | July 11, 2019 | Untrusted data is executed as System via a PAC file read by CrashPlanService.exe |
| CVE-2018-20131 | December 13, 2018 | Permissions vulnerability in Code42 app on Linux |
Sign up for email notifications
If you want to be notified when Code42 identifies a security vulnerability, update your email preferences:
- On the Code42 email preferences page, enter your email address.
- Confirm that Common Security and Vulnerability Reports is selected.
If you already receive other Code42 emails, you'll continue to receive them even if you don't select those options. The options you select are added to your current subscriptions. - Enter required information about your company.
- Click Update preferences.
Related topics
Other resources
- Code42: Security