CVE-2021-22159

HIGH Year: 2021
CVSS v3 Score
7.8
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-306
View all →

Vulnerability Description

Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected.

Related Vulnerabilities

CVE-2004-0213

HIGH
CVSS:7.8(High)

Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that send...

CWE-3062004

CVE-2008-6827

HIGH
CVSS:7.8(High)

The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "S...

CWE-3062008

CVE-2011-2187

HIGH
CVSS:7.8(High)

xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentica...

CWE-3062011

CVE-2014-7271

HIGH
CVSS:7.8(High)

Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication.

CWE-3062014

CVE-2015-9030

HIGH
CVSS:7.8(High)

In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.

CWE-3062015

CVE-2018-19636

HIGH
CVSS:7.8(High)

Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with r...

CWE-3062018