CVE-2022-27773
published 2022-12-05CVE-2022-27773: A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.
PriorityP357critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.58%
83.3th percentile
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | endpoint_manager | < 2021.1 | 2021.1 |
| ivanti | endpoint_manager | — | — |
| ivanti | endpoint_manager | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Privilege escalation vulnerability in Ivanti EPM (LANDesk Management Suite) allowing execution of commands with elevated privileges — monitor for unexpected privileged process execution originating from EPM/LANDesk agent processes
- ·The provided sources contain only high-level advisory text with no technical details, IOCs, exploit code, or operational indicators. No hashes, domains, IPs, paths, commands, or signatures were present in the source material. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-w6h6-prfq-77c8: A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privi
ghsa_unreviewed·2022-12-06
CVE-2022-27773 [CRITICAL] CWE-269 GHSA-w6h6-prfq-77c8: A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privi
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.
Ivanti
Ivanti Security Advisory: CVE-2022-27773
vendor_ivanti·2022-12-05·CVSS 9.8
CVE-2022-27773 [CRITICAL] CWE-276 Ivanti Security Advisory: CVE-2022-27773
Ivanti Security Advisory: CVE-2022-27773
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.
CVE IDs: CVE-2022-27773
CVSS Base Score: 9.8
Severity: CRITICAL
CWEs: CWE-276
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-05
Published