PT-2022-11975 · Cyberark · Cyberark Endpoint Privilege Manager

Published

2022-01-15

Updated

2022-07-12

CVE-2021-44049

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CyberArk Endpoint Privilege Manager (EPM) versions prior to 11.5.3.328

Description The issue allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory.

Recommendations For versions prior to 11.5.3.328, update to a version released after 2021-12-20 to resolve the issue. As a temporary workaround, consider restricting access to the Temp directory to minimize the risk of exploitation.

Exploit

Fix

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668

Related Identifiers

CVE-2021-44049

Affected Products

Cyberark Endpoint Privilege Manager

PT-2022-11975 · Cyberark · Cyberark Endpoint Privilege Manager

CVE-2021-44049

Weakness Enumeration

Related Identifiers

Affected Products

References · 7