Privilege escalation in MOTEX LanScope Cat and LanScope An

Published: 2019-12-02
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-6026
Exploitation vector Local
Public exploit N/A
Vulnerable software
LanScope Cat
Server applications / DLP, anti-spam, sniffers

LanScope An
Other software / Other software solutions

Vendor MOTEX Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU23149

Risk: Low


CVE-ID: CVE-2019-6026

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No


The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper permission checks. A local user can who can login to the PC where the vulnerable product is installed may obtain unauthorized privileges and execute arbitrary code.

This vulnerability affects the following versions of LanScope Cat - Client program (MR) and Detection agent (DA):

  • -
  • -
  • -
  • Less than


Install updates from vendor's website.

Vulnerable software versions

LanScope Cat: before

LanScope An: before

CPE2.3 External links

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?