Local Privilege Escalation Vulnerability in Proofpoint Insider Threat Management Windows Agent
CVE-2021-22159

7.8HIGH

Key Information:

Vendor: Proofpoint
Status: Insider Threat Management
Vendor: CVE Published:; 26 January 2021

Summary

The Proofpoint Insider Threat Management Agent for Windows has a vulnerability that permits local authenticated users to execute arbitrary commands with SYSTEM-level privileges. This flaw arises due to a lack of authentication for a critical function within the agent, opening a pathway for potential exploitation by malicious insiders. It is important to note that this vulnerability does not affect the agents for MacOS, Linux, or ITM Cloud.

References

https://www.proofpoint.com/us/security/security-advisories

x_refsource_MISC

https://www.proofpoint.com/us/security/security-advisorie...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 26, 2021
Vulnerability Reserved
Jan 4, 2021