Design/Logic Flaw

2023-01-2621:15:00

PRIOn knowledge base

www.prio-n.com

quarantine feature

privilege elevation

unprivileged users

elastic endpoint security

elastic endgame

windows

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

CPENameOperatorVersion
endgamele3.62.2
endpoint_securitylt7.17.7
endpoint_securityge8.0.0
endpoint_securitylt8.4.0

Name	Operator	Version
endgame	le	3.62.2
endpoint_security	lt	7.17.7
endpoint_security	ge	8.0.0
endpoint_security	lt	8.4.0

References

discuss.elastic.co/t/endpoint-security-8-4-0-7-17-7-and-endgame-3-62-3-security-statement/323754

www.elastic.co/community/security