A Named Pipe interface within ControlUp Real-Time Agent’s process provided the ability to run actions (OS commands) without authentication. This vulnerability can be exploited locally only.
We strongly urge you to do the following as soon as possible:
It is important to update/uninstall all ControlUp Real-Time Agents even if they are no longer in use. ControlUp Real-Time Agents of versions lower than 8.5 can put your organization at risk even if there is no ControlUp Console/Monitor connected to them. You can watch this 2-minute video to learn how to easily find machines with older ControlUp Real-Time Agent versions.
Credits – James Burton and Michael N. Henry, Facebook Red Team.