Forum Discussion

IBUS's avatar
IBUS
Active Contributor
8 months ago

GoToAssist Agent Vulnerabilities

Our Microsoft Defender Endpoint reported vulnerabilities in Openssl for the following GoToAssist agent files. I asked GoToAssist support but they don't have an estimated time frame of resolution. Should we find other remote tool?

 

c:\program files\goto\gotoassist agent desktop console\libssl-3-x64.dll
c:\program files\goto\gotoassist agent desktop console\libcrypto-3-x64.dll

 

Associated CVEs (Severity): CVE-2023-2650 (High), CVE-2023-4807 (High), CVE-2023-0464 (Medium), CVE-2023-6129 (Medium), CVE-2023-2975 (Medium), CVE-2023-5363 (Medium).

 

  • Kaz111's avatar
    Kaz111
    Active Contributor

    What version of agent(s) are you on?  I have both V4 and V5 installed and I do not have the directory: c:\program files\goto .

     

    On my Win 10 computer, the DLL files you listed are stored at AppData\Local\Programs\LogMeIn\GoToAssist Agent Desktop Console