Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for All F-Secure and WithSecure Endpoint Protection Products for Windows by F-Secure and WithSecure

    CVE-2022-28877 (GCVE-0-2022-28877)

    Vulnerability from nvd – Published: 2022-07-21 15:32 – Updated: 2024-08-03 06:03
    VLAI
    Title
    Local Privilege Escalation Vulnerability in F-Secure & WithSecure Windows Endpoint Products
    Summary
    This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.
    CWE
    • Local Privilege Escalation Vulnerability in F-Secure & WithSecure Windows Endpoint Products
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T06:03:53.220Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.withsecure.com/en/support/security-advisories"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "All F-Secure and WithSecure Endpoint Protection Products for Windows",
              "vendor": "F-Secure and WithSecure",
              "versions": [
                {
                  "status": "affected",
                  "version": "All Version"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure \u0026 WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-21T15:32:45.000Z",
            "orgId": "126858f1-1b65-4b74-81ca-7034f7f7723f",
            "shortName": "F-SecureUS"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.withsecure.com/en/support/security-advisories"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "FIX No User action is required. The required fix has been published through automatic update channel with UlcoreWin database on 2022-07-19_01"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve-notifications-us@f-secure.com",
              "ID": "CVE-2022-28877",
              "STATE": "PUBLIC",
              "TITLE": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "All F-Secure and WithSecure Endpoint Protection Products for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "All Version"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "F-Secure and WithSecure"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure \u0026 WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories",
                  "refsource": "MISC",
                  "url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories"
                },
                {
                  "name": "https://www.withsecure.com/en/support/security-advisories",
                  "refsource": "MISC",
                  "url": "https://www.withsecure.com/en/support/security-advisories"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "FIX No User action is required. The required fix has been published through automatic update channel with UlcoreWin database on 2022-07-19_01"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "126858f1-1b65-4b74-81ca-7034f7f7723f",
        "assignerShortName": "F-SecureUS",
        "cveId": "CVE-2022-28877",
        "datePublished": "2022-07-21T15:32:45.000Z",
        "dateReserved": "2022-04-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T06:03:53.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-28877 (GCVE-0-2022-28877)

    Vulnerability from cvelistv5 – Published: 2022-07-21 15:32 – Updated: 2024-08-03 06:03
    VLAI
    Title
    Local Privilege Escalation Vulnerability in F-Secure & WithSecure Windows Endpoint Products
    Summary
    This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.
    CWE
    • Local Privilege Escalation Vulnerability in F-Secure & WithSecure Windows Endpoint Products
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T06:03:53.220Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.withsecure.com/en/support/security-advisories"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "All F-Secure and WithSecure Endpoint Protection Products for Windows",
              "vendor": "F-Secure and WithSecure",
              "versions": [
                {
                  "status": "affected",
                  "version": "All Version"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure \u0026 WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-21T15:32:45.000Z",
            "orgId": "126858f1-1b65-4b74-81ca-7034f7f7723f",
            "shortName": "F-SecureUS"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.withsecure.com/en/support/security-advisories"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "FIX No User action is required. The required fix has been published through automatic update channel with UlcoreWin database on 2022-07-19_01"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve-notifications-us@f-secure.com",
              "ID": "CVE-2022-28877",
              "STATE": "PUBLIC",
              "TITLE": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "All F-Secure and WithSecure Endpoint Protection Products for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "All Version"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "F-Secure and WithSecure"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure \u0026 WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Local Privilege Escalation Vulnerability in F-Secure \u0026 WithSecure Windows Endpoint Products"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories",
                  "refsource": "MISC",
                  "url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories"
                },
                {
                  "name": "https://www.withsecure.com/en/support/security-advisories",
                  "refsource": "MISC",
                  "url": "https://www.withsecure.com/en/support/security-advisories"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "FIX No User action is required. The required fix has been published through automatic update channel with UlcoreWin database on 2022-07-19_01"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "126858f1-1b65-4b74-81ca-7034f7f7723f",
        "assignerShortName": "F-SecureUS",
        "cveId": "CVE-2022-28877",
        "datePublished": "2022-07-21T15:32:45.000Z",
        "dateReserved": "2022-04-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T06:03:53.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }