CVE-2022-23714

high

Description

A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

References

https://www.elastic.co/community/security

https://discuss.elastic.co/t/elastic-8-3-1-8-3-0-and-7-17-5-security-update/308613

Details

Source: Mitre, NVD

Published: 2022-07-06

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H