CVE-2021-22159 Information
Jun 07, 2022
cve
Description
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability
The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25, as well as versions 7.3 and earlier, is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0001
https://www.proofpoint.com/us/security/security-advisories
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.8
Base Severity
HIGH