Improper Privilege Management

CVE-2022-1256

High

7.8/10

Summary

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-269 - Improper Privilege Management

An effective privilege management infrastructure provides valid users with required access and privileges across heterogeneous technology environments. An application with a faulty privilege management infrastructure allows higher than authorized privileges or enables privilege escalation. This can lead to security incidents such as system infiltration, data breach, and complete system takeover.

References

Advisory Timeline

Published Apr 14, 2022

Improper Privilege Management

CVE-2022-1256

Summary

CWE-269 - Improper Privilege Management

References

Advisory Timeline

Wireshark

KICS SaaS

DustiLock