Vulnerability Description
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| CyberArk | Endpoint Privilege Manager | < 10.7 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107387 (Broken Link)
- http://www.securityfocus.com/bid/107852 (Broken Link)
- https://www.nccgroup.trust/us/our-research/technical-advisory-cyberark-epm-non-p (Third Party Advisory)
FAQ
What is CVE-2019-9627?
CVE-2019-9627 is a vulnerability with a CVSS score of 7.0 (HIGH). A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges o...
How severe is CVE-2019-9627?
CVE-2019-9627 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2019-9627?
Check the references section above for vendor advisories and patch information. Affected products include: CyberArk Endpoint Privilege Manager.