PT-2019-19763 · Cyberark · Cyberark Endpoint Privilege Manager

Published

2019-03-08

Updated

2022-04-05

CVE-2019-9627

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CyberArk Endpoint Privilege Manager versions prior to 10.7

Description A buffer overflow in the kernel driver CybKernelTracker.sys allows an attacker without Administrator privileges to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.

Recommendations For versions prior to 10.7, update to version 10.7 or later to resolve the issue. As a temporary workaround, consider restricting the ability to load images with long paths to minimize the risk of exploitation.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-9627

Affected Products

Cyberark Endpoint Privilege Manager

PT-2019-19763 · Cyberark · Cyberark Endpoint Privilege Manager

CVE-2019-9627

Weakness Enumeration

Related Identifiers

Affected Products

References · 5