Lee Christensen

#8929of 53,634
30.6Total CVSS
Vulnerabilities · 4
Medium
1
High
3
PT-2021-3785
8.5
2021-08-10
Microsoft · Windows · CVE-2021-36942
**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Local Security Authority (LSA) versions are affected, but specific versions are not provided in the input data. **Description** A spoofing issue allows attackers to affect the system. The problem is related to the Local Security Authority (LSA) in Windows. Details about real-world incidents where this issue was exploited are not provided. Technical details about exploitation include the use of `EfsRpcEncryptFileSrv` to bypass the latest MS patch. The issue can be exploited through RPC, and a named pipe, such as "lsarpc", can be used. The estimated number of potentially affected devices worldwide is not available. **Recommendations** No specific recommendations for resolving the issue are provided in the input data for each affected version.
PT-2021-12816
9.0
2021-01-06
Proofpoint · Proofpoint Insider Threat Management Agent For Windows · CVE-2020-8884
Name of the Vulnerable Software and Affected Versions: Proofpoint Insider Threat Management Windows Agent versions prior to 7.9 Description: The issue allows remote authenticated users to execute arbitrary code as SYSTEM due to improper deserialization over named pipes in the rcdsvc component of the Proofpoint Insider Threat Management Windows Agent. Recommendations: For versions prior to 7.9, update to version 7.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the named pipes used by the rcdsvc component to minimize the risk of exploitation.
PT-2018-9170
5.3
2018-05-08
Microsoft · Windows · CVE-2018-0958
**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** A security-feature bypass issue allows attackers to affect the system. No additional details are provided about the nature of the issue, potential impacts, or the scope of affected devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2018-9123
7.8
2018-03-13
Microsoft · Windows Server · CVE-2018-0884
Name of the Vulnerable Software and Affected Versions: Windows 10 versions Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 Windows Server, version 1709 Description: A security feature bypass issue exists due to how objects are handled in memory. This allows attackers to affect the system. Recommendations: For Windows 10 versions Gold, 1511, 1607, 1703, and 1709, update to a newer version that addresses the security feature bypass vulnerability. For Windows Server 2016 and Windows Server, version 1709, update to a newer version that addresses the security feature bypass vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.