CVE-2022-38775

high

Description

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

References

https://www.elastic.co/community/security

https://discuss.elastic.co/t/endpoint-security-8-4-1-security-statement/323753

Details

Source: Mitre, NVD

Published: 2023-01-26

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00119

Detections

Analytics