CVE-2022-38775

Summary

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

Affected Software

VendorProductVersion RangeStatus
ElasticElastic Endpoint SecurityVersion 8.4.0affected

Weaknesses

  • CWE-269: CWE-269

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References