HIGH✓ PATCH🇬🇧 English

CVE-2019-9627

CVSS 7.0v3.1pub. 2019-03-08upd. 2024-11-21

A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Cyberark Endpoint Privilege Manager

    APP
    Cyberark
    < 10.7
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
LPEMemory
CWE
Referencje

Powiązane podatności

CVE-2018-13052CRITICAL9.8ten sam produkt

In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker...

CVE-2026-2914HIGH8.5ten sam produkt

CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege el...

CVE-2025-66374HIGH7.8ten sam produkt

CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to achieve privilege escalation ...

CVE-2021-44049HIGH7.8ten sam produkt

CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain ele...

CVE-2018-14894HIGH7.8ten sam produkt

CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions...