Insufficient Anti-Tampering Protection in Forcepoint One Endpoint for Windows
CVE-2022-27609

6MEDIUM

Key Information:

Vendor: Forcepoint
Status: One Endpoint
Vendor: CVE Published:; 4 April 2022

What is CVE-2022-27609?

Forcepoint One Endpoint, prior to version 22.01, installed on Microsoft Windows, lacks adequate protection against tampering by users with Administrator privileges. This flaw allows these users to potentially disable the Forcepoint One Endpoint service, thereby undermining the security measures and protections the software is designed to provide. Consequently, unauthorized users could exploit this vulnerability, resulting in diminished endpoint security and increased risk of security breaches.

Affected Version(s)

One Endpoint Microsoft Windows 22.01

References

https://help.forcepoint.com/security/CVE/CVE-2022-27609.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 4, 2022
Vulnerability Reserved
Mar 21, 2022

Credit

Forcepoint would like to thank mr.d0x - @mrd0x for discovering and working with us to responsibly disclose this vulnerability.