CVE-2022-28877

Published: Jul 21, 2022Modified: Nov 21, 2024

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.

Affected (1)

Products: F Secure: Elements Endpoint Protection

1 product

Elements Endpoint Protection

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
F Secure Elements Endpoint Protection	All versions

Running on/with	Platform Versions
Microsoft Windows	All versions

References (4)

https://www.f-secure.com/en/business/support-and-downloads/security-advisories

Source: cve-notifications-us@f-secure.com

Vendor Advisory

https://www.withsecure.com/en/support/security-advisories

Source: cve-notifications-us@f-secure.com

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.withsecure.com/en/support/security-advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.