6 matches found
CVE-2022-23714
CVE-2022-23714 concerns a local privilege escalation in Elastic Endpoint Security for Windows, specifically within the ransomware canaries feature. The root cause is a flaw in the canary component that could let unprivileged users obtain LocalSystem privileges. Affected are Elastic Endpoint Secur...
CVE-2022-38777
CVE-2022-38777 concerns a privilege-escalation in Elastic Endpoint Security for Windows due to a flaw in the rollback/quarantine workflow. The issue could allow an unprivileged user to elevate to LocalSystem by exploiting insufficient access control in the quarantine-related logic. Affected softw...
CVE-2022-38774
Elastic Endpoint Security and Elastic Endgame for Windows contain a Local Privilege Escalation in the quarantine feature. Affected versions: Elastic Security up to 7.17.6 and 8.3.3; Elastic Endgame up to 3.62.2. Fixes are provided in Endpoint: 7.17.7 and 8.4.0; Endgame: 3.62.3. The advisory notes...
CVE-2023-46669
The CVE-2023-46669 issue concerns Elastic Agent and Elastic Security Endpoint where an API key disclosure could expose sensitive information to local unauthorized actors, enabling potential impersonation of Endpoint to the Elastic Stack. Affected components are Elastic Agent and Elastic Security ...
CVE-2022-38775
Elastic Endpoint Security for Windows contains a rollback feature vulnerability that could let an unprivileged user escalate to LocalSystem. Affected version: 8.4.0; fix released in 8.4.1. The rollback feature is disabled by default and can be controlled via the windows.advanced.alerts.rollback.s...
CVE-2026-56152
Summary: CVE-2026-56152 concerns Elastic Defend. Affected component is the Elastic Defend response actions where an authorization check failure allowed a low-privileged authenticated user to access response action data they should not view (CWE-863, CAPEC-1). Impact details (as described): The vu...