CVE-2022-23714
N/A
N/A
Summary
A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Elastic | Endpoint Security | Versions 7.13.0 through 7.17.4 and 8.0.0 through 8.2.3 | affected |
Weaknesses
- CWE-264: CWE-264
ADP Enrichment
CVE Program Container
Additional References
- https://discuss.elastic.co/t/elastic-8-3-1-8-3-0-and-7-17-5-security-update/308613
- https://www.elastic.co/community/security
References
- https://discuss.elastic.co/t/elastic-8-3-1-8-3-0-and-7-17-5-security-update/308613
- https://www.elastic.co/community/security
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.