This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.
References
Link | Resource |
---|---|
https://www.f-secure.com/en/business/support-and-downloads/security-advisories | Vendor Advisory |
https://www.withsecure.com/en/support/security-advisories | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
27 Jul 2022, 22:39
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
CPE | cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://www.f-secure.com/en/business/support-and-downloads/security-advisories - Vendor Advisory | |
References | (MISC) https://www.withsecure.com/en/support/security-advisories - Vendor Advisory |
21 Jul 2022, 16:32
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-07-21 16:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-28877
Mitre link : CVE-2022-28877
CVE.ORG link : CVE-2022-28877
JSON object : View
Products Affected
f-secure
- elements_endpoint_protection
microsoft
- windows
CWE