Riskware/RemoteAdmin

Analysis

Riskware/RemoteAdmin is a generic detection for riskware; it is synonymous with Generic PUA or Generic PUP. Because this is a generic detection, riskware detected as Riskware/RemoteAdmin may vary in behaviour.
Below are some of its observed characteristics/behaviours:

  • Files detected as Riskware/RemoteAdmin fall under the category of remote monitoring and management (RMM) software and are classified as grayware.

  • These files may compromise or weaken a user's security by allowing remote monitoring and control over a user's system.

Outbreak Alert

An unauthenticated attacker can achieve Remote Code Execution (RCE) on a vulnerable PaperCut Application Server. According to the vendor, the specific flaw exists within the SetupCompleted class and could be exploited remotely without authentication. The PaperCut MF/NG Improper Access Control Vulnerability (CVE-2023-27350) has been seen exploited in the wild.

Recommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-04-01 92.02970
2024-03-31 92.02951
2024-03-11 92.02336
2024-02-07 92.01362
2024-01-31 92.01152
2024-01-29 92.01092
2024-01-22 92.00876
2024-01-17 92.00732
2024-01-08 92.00462
2024-01-03 92.00311