CVE-2018-25320

ACL Analytics

ACL Analytics versions 11.x through 13.0.0.579 contain a command execution vulnerability allowing attackers to run arbitrary system commands via the EXECUTE function.

Executive summary

A critical arbitrary code execution vulnerability in ACL Analytics allows attackers to execute system-level commands, leading to full system compromise.

Vulnerability

The application improperly handles the EXECUTE function, which an attacker can leverage to invoke external tools such as bitsadmin. This allows the download and execution of malicious PowerShell scripts with elevated system privileges.

Business impact

The ability to execute commands with system privileges grants an attacker complete control over the host machine. Given the CVSS score of 9.8, the risk of data theft, lateral movement within the network, and the deployment of ransomware is extreme.

Remediation

Immediate Action: Apply the latest security patches provided by the vendor. If an update is not available for a specific version, restrict the use of the EXECUTE function.

Proactive Monitoring: Monitor for unexpected PowerShell activity or the spawning of processes by the ACL Analytics application.

Compensating Controls: Use Endpoint Detection and Response (EDR) solutions to block unauthorized execution of bitsadmin or suspicious PowerShell scripts originating from the application.
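As an added illustration of the monitoring and compensating-control guidance above (this is example code written for this page, not part of the advisory and not a rule shipped by ACL or any EDR vendor), the following Python scans Sysmon-style process-creation records and flags bitsadmin or PowerShell launched as a child of the ACL Analytics process, which is the process tree the EXECUTE abuse produces. The ACL Analytics image name, the key="value" log layout, and the sample events are all assumptions constructed for the example; substitute the executable name and log source used in your own environment.

```python
"""Detection sketch for CVE-2018-25320 style process trees.

Flags process-creation events (Sysmon Event ID 1) in which the ACL Analytics
host process spawns bitsadmin or PowerShell. Constructed example; the image
name, log format and sample events are assumptions, not data from the advisory.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# ASSUMPTION / PLACEHOLDER: the advisory does not name the ACL Analytics
# executable. Replace with the image name observed in your estate.
ACL_PARENT_IMAGES = {"acl-analytics-placeholder.exe"}

# Children called out in the remediation guidance, plus the shells that
# commonly launch them.
SUSPICIOUS_CHILDREN = {"bitsadmin.exe", "powershell.exe", "pwsh.exe", "cmd.exe"}

# Constructed log layout: one event per line, fields as key="value".
_FIELD_RE = re.compile(r'(\w+)="([^"]*)"')


@dataclass
class Finding:
    utc_time: str
    parent_image: str
    image: str
    command_line: str
    reason: str


def parse_event(line: str) -> dict:
    """Parse one key="value" line into a dict."""
    return dict(_FIELD_RE.findall(line))


def image_basename(path: str) -> str:
    """Lower-cased file name, tolerant of either slash style."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(event: dict) -> Optional[str]:
    """Return a reason string when the event matches the rule, else None."""
    if event.get("EventID") != "1":          # only process-creation events
        return None
    parent = image_basename(event.get("ParentImage", ""))
    child = image_basename(event.get("Image", ""))
    if parent not in ACL_PARENT_IMAGES:      # scope the rule to ACL Analytics
        return None
    if child in SUSPICIOUS_CHILDREN:
        return f"{child} spawned by ACL Analytics process {parent}"
    return None


def scan(lines: Iterable[str]) -> List[Finding]:
    """Run the rule over a stream of log lines and collect findings."""
    findings: List[Finding] = []
    for line in lines:
        ev = parse_event(line)
        reason = classify(ev)
        if reason:
            findings.append(Finding(ev.get("UtcTime", "?"),
                                    ev.get("ParentImage", ""),
                                    ev.get("Image", ""),
                                    ev.get("CommandLine", ""),
                                    reason))
    return findings


# Constructed sample telemetry (not real events). Two should fire, three should not.
SAMPLE_EVENTS = [
    'EventID="1" UtcTime="2024-01-01 10:00:01" ParentImage="C:\\Program Files\\ACL\\acl-analytics-placeholder.exe" '
    'Image="C:\\Windows\\System32\\bitsadmin.exe" CommandLine="bitsadmin.exe /transfer job"',
    'EventID="1" UtcTime="2024-01-01 10:00:07" ParentImage="C:\\Program Files\\ACL\\acl-analytics-placeholder.exe" '
    'Image="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" CommandLine="powershell.exe -File C:\\Users\\Public\\update.ps1"',
    'EventID="1" UtcTime="2024-01-01 10:02:00" ParentImage="C:\\Program Files\\ACL\\acl-analytics-placeholder.exe" '
    'Image="C:\\Program Files\\Microsoft Office\\excel.exe" CommandLine="excel.exe report.xlsx"',
    'EventID="1" UtcTime="2024-01-01 10:03:00" ParentImage="C:\\Windows\\explorer.exe" '
    'Image="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" CommandLine="powershell.exe"',
    'EventID="11" UtcTime="2024-01-01 10:03:05" Image="C:\\Program Files\\ACL\\acl-analytics-placeholder.exe" '
    'TargetFilename="C:\\Users\\Public\\update.ps1"',
]


if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"{f.utc_time}  {f.reason}  cmd={f.command_line!r}")
```

The rule is deliberately scoped by parent process rather than by child alone: PowerShell launched from explorer.exe (event four) is ordinary user activity and is not flagged, while anything bitsadmin- or PowerShell-shaped under the ACL Analytics process is. The file-creation event (EventID 11) is ignored by this rule but is the kind of record worth correlating with a finding, since it shows the script that the flagged PowerShell launch later reads.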

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This is a critical vulnerability that provides a direct path to system-level access. Organizations using affected versions of ACL Analytics must prioritize upgrading to a patched version to prevent potential system-wide compromise.