First published: Tue Mar 28 2023(Updated: )
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
RSA Netwitness | <12.2 | |
<12.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2022-47529.
The severity of CVE-2022-47529 is medium.
CVE-2022-47529 allows local and admin Windows user accounts to modify the endpoint agent service configuration, potentially enabling unauthorized code execution.
RSA NetWitness Platform version up to but excluding 12.2 is affected by CVE-2022-47529.
Upgrade to RSA NetWitness Platform version 12.2 or higher to fix the vulnerability described in CVE-2022-47529.