Scan Assistant 1.2.5 (CVE - 2023-24540, 2022-23806, 2023-29402)

We are seeing these CVE’s associated with scan assistant 1.2.5, can someone help advise on how to remove these? The update option in the template doesn’t appear to be helping.



Support told me in a case I opened that there is some bug that prevents the scan assistant auto-update in the scans and they ‘are working on it’. If anyone has more details about it please share.

The auto-update feature for the Scan Assistant does have a bug in it for version 1.2.7 that caused it to uninstall rather than update on Windows assets, and the auto-update feature was locked to prevent this from happening. Version 1.3.2 will address this and allow for auto-updates again, and is slated for release next week if all goes well.

In the meantime, version 1.2.7 that remediates these vulnerabilities is available for download from the docs here:

Manual installation/updating will be required to roll this out, due to the issue with auto-updating via scans.