Vulnerability Description
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Proofpoint | Insider Threat Management | < 7.4.3 |
Related Weaknesses (CWE)
References
- https://www.proofpoint.com/us/security/security-advisoriesVendor Advisory
- https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0001Vendor Advisory
- https://www.proofpoint.com/us/security/security-advisoriesVendor Advisory
- https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0001Vendor Advisory
FAQ
What is CVE-2021-22159?
CVE-2021-22159 is a vulnerability with a CVSS score of 7.8 (HIGH). Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8....
How severe is CVE-2021-22159?
CVE-2021-22159 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-22159?
Check the references section above for vendor advisories and patch information. Affected products include: Proofpoint Insider Threat Management.