Registry Key Tampering in Forcepoint One Endpoint for Windows
CVE-2022-27608

6MEDIUM

Key Information:

Vendor: Forcepoint
Status: One Endpoint
Vendor: CVE Published:; 4 April 2022

What is CVE-2022-27608?

Forcepoint One Endpoint prior to version 22.01, installed on Microsoft Windows, is susceptible to registry key tampering by users with Administrator privileges. This vulnerability allows users to modify key settings, potentially disabling anti-tampering mechanisms. As a consequence, users may effectively disable the Forcepoint One Endpoint security framework, compromising the protection it is intended to provide against various threats.

Affected Version(s)

One Endpoint Microsoft Windows 22.01

References

https://help.forcepoint.com/security/CVE/CVE-2022-27608.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 4, 2022
Vulnerability Reserved
Mar 21, 2022

Credit

Forcepoint would like to thank mr.d0x - @mrd0x for discovering and working with us to responsibly disclose this vulnerability.