Описание
CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability. A low-privileged user can abuse these issues to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM by replacing DataSpotliteAgent.exe or any other binaries called by the Cyrisma_Agent service when it starts
EPSS
Процентиль: 29%
0.00104
Низкий
8.8 High
CVSS3
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 8.8
github
5 месяцев назад
CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability. A low-privileged user can abuse these issues to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM by replacing DataSpotliteAgent.exe or any other binaries called by the Cyrisma_Agent service when it starts
EPSS
Процентиль: 29%
0.00104
Низкий
8.8 High
CVSS3
Дефекты
CWE-276