CyberArk · CyberArk Endpoint Privilege Manager · CVE-2020-25738
**Name of the Vulnerable Software and Affected Versions**
CyberArk Endpoint Privilege Manager (EPM) version 11.1.0.173
**Description**
The issue allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database.
**Recommendations**
For version 11.1.0.173, consider restricting access to sensitive processes to minimize the risk of exploitation, and avoid using the Credential Theft protection mechanism until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
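
A defensive check that follows from the description above, as an added example that is not part of the original advisory or any CyberArk code: it reviews module-load telemetry for a credential-holding process and flags DLLs that are unsigned or loaded from unexpected locations. The field names follow Sysmon Event ID 7 (ImageLoaded); the process list, trusted directories and sample records are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumption: processes treated as having legitimate credential access.
SENSITIVE = {"chrome.exe"}
# Assumption: directories such a process normally loads modules from.
TRUSTED_DIRS = [
    PureWindowsPath(r"C:\Program Files\Google\Chrome\Application"),
    PureWindowsPath(r"C:\Windows\System32"),
]

def reason(event):
    """Return why a module load deserves review, or None if it looks normal."""
    if PureWindowsPath(event["Image"]).name.lower() not in SENSITIVE:
        return None
    if event.get("Signed") != "true" or event.get("SignatureStatus") != "Valid":
        return "unsigned or invalid signature"
    # PureWindowsPath compares case-insensitively, as Windows paths do.
    parents = PureWindowsPath(event["ImageLoaded"]).parents
    if not any(d in parents for d in TRUSTED_DIRS):
        return "outside trusted directories"
    return None

def findings(events):
    """List (loaded module, reason) for every load that needs review."""
    out = []
    for e in events:
        r = reason(e)
        if r:
            out.append((e["ImageLoaded"], r))
    return out

# Constructed sample records (not taken from a real host).
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
SAMPLE = [
    {"Image": CHROME, "Signed": "true", "SignatureStatus": "Valid",
     "ImageLoaded": r"C:\Program Files\Google\Chrome\Application\100.0.0.0\chrome.dll"},
    {"Image": CHROME, "Signed": "false", "SignatureStatus": "Unavailable",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\helper.dll"},
    {"Image": CHROME, "Signed": "true", "SignatureStatus": "Valid",
     "ImageLoaded": r"C:\ProgramData\vendor\hook.dll"},
    {"Image": r"C:\Windows\System32\notepad.exe", "Signed": "false",
     "SignatureStatus": "Unavailable", "ImageLoaded": r"C:\Users\alice\x.dll"},
]

if __name__ == "__main__":
    for path, why in findings(SAMPLE):
        print(f"{path}: {why}")
```

Image-load events only cover modules mapped from a file on disk, and signed third-party software can legitimately load modules into a browser, so treat the output as a review queue rather than a verdict.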