Vulnerability CVE-2023-27470
Published: 2023-09-11

Description:
BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion.

 References:
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0011.md
Copyright 2026, cxsecurity.com

 

Back to Top