CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44049
https://notcve.org/view.php?id=CVE-2021-44049
CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory. CyberArk Endpoint Privilege Manager (EPM) versiones hasta 11.5.3.328 anteriores a 20-12-2021, permite a un usuario local alcanzar privilegios elevados por medio de un troyano Procmon64.exe en el directorio Temp del usuario • https://docs.cyberark.com/Product-Doc/OnlineHelp/EPM-onprem/Latest/en/Content/Release%20Notes/RN-WhatsNew.htm https://hencohen10.medium.com/cyberark-endpoint-manager-local-privilege-escalation-cve-2021-44049-67cd5e62c3d2 https://www.cyberark.com/ca21-34 https://www.cyberark.com/product-security • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25738
https://notcve.org/view.php?id=CVE-2020-25738
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database. CyberArk Endpoint Privilege Manager (EPM) versión 11.1.0.173, permite a atacantes omitir un mecanismo de protección contra robo de credenciales inyectando una DLL en un proceso que normalmente presenta acceso de credenciales, tal y como un proceso de Chrome que lee unas credenciales desde una base de datos SQLite • https://gist.github.com/inc0d3/47294c1e73ef8cbdc098e739d086efbc https://www.cyberark.com/resources/blog/introducing-cyberark-endpoint-privilege-manager • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4CVE-2018-14894 – CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2018-14894
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications. CyberArk Endpoint Privilege Manager 10.2.1.603 y anteriores permite a un atacantes (capaz de editar los permisos de un fichero) eludir las restricciones de acceso previstas y ejecutar aplicaciones bloqueadas. CyberArk EPM version 10.2.1.603 suffers from a security restrictions bypass vulnerability. • https://www.exploit-db.com/exploits/46688 http://packetstormsecurity.com/files/152489/CyberArk-EPM-10.2.1.603-Security-Restrictions-Bypass.html https://mustafakemalcan.com/cyberark-epm-file-block-bypass-cve-2018-14894 https://www.youtube.com/watch?v=B0VpK0poTco • CWE-269: Improper Privilege Management •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9627
https://notcve.org/view.php?id=CVE-2019-9627
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path. Un desbordamiento de búfer en el controlador del kernel CybKernelTracker.sys en CyberArk Endpoint Privilege Manager, en versiones anteriores a la 10.7, permite a un atacante (sin permisos del administrador) escalar privilegios o cerrar la máquina cargando una imagen, como puede ser un DLL, con una ruta larga. • http://www.securityfocus.com/bid/107387 http://www.securityfocus.com/bid/107852 https://www.nccgroup.trust/us/our-research/technical-advisory-cyberark-epm-non-paged-pool-buffer-overflow • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-13052
https://notcve.org/view.php?id=CVE-2018-13052
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin. En CyberArk Endpoint Privilege Manager (anteriormente Viewfinity), es posible el escalado de privilegios si el atacante tiene un proceso que se ejecuta como Admin. • https://www.youtube.com/watch?v=xYRbXBPubaw •