Local Privilege Escalation in CyberArk Endpoint Privilege Manager
CVE-2021-44049

7.8HIGH

Key Information:

Vendor

Cyberark

Status
Endpoint Privilege Manager
Vendor
CVE Published:
15 January 2022

What is CVE-2021-44049?

CyberArk Endpoint Privilege Manager (EPM) versions prior to 11.5.3.328 are vulnerable to a local privilege escalation issue. A local user can exploit this vulnerability by introducing a Trojan horse binary named Procmon64.exe within the user's Temp directory, potentially leading to unauthorized access and elevated permissions on the system. Users of affected versions are encouraged to update their software to mitigate this security risk.

References

https://www.cyberark.com/product-security/
x_refsource_MISC
https://docs.cyberark.com/Product-Doc/OnlineHelp/EPM-onpr...
x_refsource_MISC
https://www.cyberark.com/ca21-34/
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.