On October 26, 2017, a CVE that is specific to Bomgar (CVE-2017-5996) was published.
In February 2017, a security firm contacted us about a vulnerability in Bomgar’s Remote Support product. Bomgar promptly addressed the issue, and an update was included in subsequent releases. The security firm has now decided to publish it as a reported vulnerability, which is a common practice.
If you are a Bomgar customer, we recommend that you upgrade to the latest version of the software. The finding was addressed in the following prior releases, and all subsequent releases:
- Remote Support 16.2.4 - March 14, 2017
- Remote Support 16.1.5 - March 28, 2017
- Remote Support 15.2.3 - April 6, 2017
All Bomgar Remote Support customers can check their software version by going to /login Status>Site Status and look for the Product Version number.
Bomgar treats any potential security-related vulnerability in our software very seriously and will always work to address them as fast as possible.