Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks
The flaws, discovered by Mandiant on February 28, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, and June 26, respectively.