6.7

CVE-2022-47529

Exploit

EPSS 3.83%
Published 28.03.2023 13:15:07
Last modified 21.11.2024 07:32:09
Source cve@mitre.org
Teams watchlist Login
Open Login

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Rsa ≫ Netwitness Version < 12.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.83%	0.877

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

http://seclists.org/fulldisclosure/2023/Mar/26

Third Party Advisory

Exploit

Mailing List

http://seclists.org/fulldisclosure/2024/Apr/17

https://community.netwitness.com/t5/netwitness-platform-security/nw-2023-04-netwitness-platform-security-advisory-cve-2022-47529/ta-p/696935

Permissions Required

https://github.com/hyp3rlinx/CVE-2022-47529

https://hyp3rlinx.altervista.org/advisories/RSA_NETWITNESS_EDR_AGENT_INCORRECT_ACCESS_CONTROL_CVE-2022-47529.txt

Third Party Advisory

Exploit

https://packetstormsecurity.com/files/171476/RSA-NetWitness-Endpoint-EDR-Agent-12.x-Incorrect-Access-Control-Code-Execution.html

Third Party Advisory

Exploit

VDB Entry

https://seclists.org/fulldisclosure/2023/Mar/16

Third Party Advisory

Mailing List

https://twitter.com/hyp3rlinx/status/1639335477839790105

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-47529

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-47529

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-47529

EUVD