CVE-2022-38775

Published Jan 26, 2023

Last updated 2 years ago

Overview

Description
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Source
bressers@elastic.co
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo
bressers@elastic.co
CWE-269

Social media

Hype score
Not currently trending

Configurations