HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2019-9627

CVSS 7.0v3.1pub. 2019-03-08upd. 2024-11-21

A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Cyberark Endpoint Privilege Manager

    APP
    Cyberark
    < 10.7
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
LPEMemory
CWE
References

Related vulnerabilities

CVE-2018-13052CRITICAL9.8ten sam produkt

In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker...

CVE-2026-2914HIGH8.5ten sam produkt

CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege el...

CVE-2025-66374HIGH7.8ten sam produkt

CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to achieve privilege escalation ...

CVE-2021-44049HIGH7.8ten sam produkt

CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain ele...

CVE-2018-14894HIGH7.8ten sam produkt

CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions...