CVE-2018-10722 Information

Description

In Cylance CylancePROTECT before 1470 an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the PROGRAMFILES\Cylance\Desktop\log folder the CyUpdate process grants users Modify access to new files created in this folder and a new file can be a symlink chain to a pathname of an arbitrary DLL that CyUpdate uses.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://www.atredis.com/blog/cylance-privilege-escalation-vulnerability

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8