cvelist DIVD CVELIST:CVE-2022-25153
History: Jun 08, 2022 - 12:00 a.m.

CVE-2022-25153 ITarian - Local privilege escalation in Endpoint Manager agent on Windows

2022-06-08 00:00:00
CWE-275
DIVD
www.cve.org
cve-2022-25153
itarian
endpoint manager
local privilege escalation
windows
openssl

CVSS3: 7.8

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0
Percentile: 12.6%

The ITarian Endpoint Manager Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low-privileged access to a system can escalate their privileges to SYSTEM by abusing an insecure openssl.conf lookup.

CNA Affected

[
  {
    "product": "Endpoint Manager Communication Client for Windows",
    "vendor": "ITarian",
    "versions": [
      {
        "lessThan": "6.43.41148.21120",
        "status": "affected",
        "version": "any version",
        "versionType": "custom"
      }
    ]
  }
]
