CVE-2019-9627

Name of the Vulnerable Software and Affected Versions CyberArk Endpoint Privilege Manager versions prior to 10.7

Description A buffer overflow in the kernel driver CybKernelTracker.sys allows an attacker without Administrator privileges to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.

Recommendations For versions prior to 10.7, update to version 10.7 or later to resolve the issue. As a temporary workaround, consider restricting the ability to load images with long paths to minimize the risk of exploitation.