Описание
Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges.
Ссылки
- Vendor Advisory
- Not Applicable
- Vendor Advisory
- Vendor Advisory
- Not Applicable
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 19.1.282 (исключая)Версия от 19.2.0 (включая) до 19.2.182 (исключая)Версия от 20.1.0 (включая) до 20.1.343 (исключая)
Одно из
cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*
cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*
cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*
cpe:2.3:a:cybereason:endpoint_detection_and_response:20.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00057
Низкий
7.8 High
CVSS3
Дефекты
CWE-427
CWE-427
Связанные уязвимости
CVSS3: 7.8
github
около 3 лет назад
Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges.
EPSS
Процентиль: 18%
0.00057
Низкий
7.8 High
CVSS3
Дефекты
CWE-427
CWE-427