CVE-2022-38775Improper Privilege Management in Endpoint Security

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 88.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Elastic Endpoint SecurityElastic Endpoint Security
Timeline
PublishedJan 26

Description

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5elastic/elastic_endpoint_securityVersion 8.4.0

🔴Vulnerability Details

2
GHSA
GHSA-w54m-96qg-mxgp: An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privil2023-01-26
CVEList
CVE-2022-38775: An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privil2023-01-24
CVE-2022-38775 — Improper Privilege Management | cvebase