A vulnerability exists in the av-forward daemon running in AlienVault Unified Security Management appliances. The daemon accepts serialized Python and proceeds to deserialize it without proper validation, allowing unauthenticated arbitrary code execution. This module writes and executes an Impact agent by sending a specially crafted string to the daemon. The resulting agent runs as the 'avforw' use, which is non-privileged.
Product Name