Insecure Memory Object Vulnerability in RSA NetWitness Platform
CVE-2022-47529

6.7MEDIUM

Key Information:

Vendor

Rsa
Status
Netwitness
Vendor
CVE Published:
28 March 2023

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2022-47529?

The RSA NetWitness Platform prior to version 12.2 contains a critical vulnerability due to insecure Win32 memory objects. This flaw allows local and administrative Windows users to alter the configuration of the endpoint agent service. As a result, they can completely disable the service or execute arbitrary code, enabling them to circumvent built-in tamper-protection mechanisms through modifications to Access Control Lists (ACLs). This vulnerability underscores the importance of proper access controls and highlights potential risks in endpoint security configurations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2022-47529
Created by hyp3rlinx

References

https://twitter.com/hyp3rlinx/status/1639335477839790105
https://hyp3rlinx.altervista.org/advisories/RSA_NETWITNES...
https://packetstormsecurity.com/files/171476/RSA-NetWitne...

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability Reserved

JSON
.