CVE-2019-9627 - A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager v

CVE-2019-9627

Summary

A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.

References

Vulnerable Configurations

cpe:2.3:a:cyberark:endpoint_privilege_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:cyberark:endpoint_privilege_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:cyberark:endpoint_privilege_manager:10.2.1.603:*:*:*:*:*:*:*
cpe:2.3:a:cyberark:endpoint_privilege_manager:10.2.1.603:*:*:*:*:*:*:*

CVSS

Base:	6.9 (as of 05-04-2022 - 20:54)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid	107387 107852
misc	https://www.nccgroup.trust/us/our-research/technical-advisory-cyberark-epm-non-paged-pool-buffer-overflow/

Last major update

05-04-2022 - 20:54

Published

08-03-2019 - 19:29

Last modified

05-04-2022 - 20:54