Status
Fixed
Risk level
Medium
Action required
FIX No User action is required. The required fix has been published through automatic update channel with USS-Win32/2024-04-29_01
Affected products
All WithSecure Endpoint Protection products for Windows
WithSecure Client Security 15 onwards
WithSecure Server Security 15 onwards
WithSecure Email and Server Security 15
WithSecure Elements Endpoint Protection 17 onwards
Platforms
All supported platforms for the affected products
Date issued
2024-05-22
More information
A vulnerability in the WithSecure Windows endpoint product allows a malicious attacker to abuse the service to create an arbitrary file in the system. An attacker can leverage this vulnerability to perform local privilege escalation.
Note: An attacker must have administrator privilege prior to exploiting this vulnerability or an attacker convince/ trick a user with
Administrative privileges to perform an action in order to exploit this vulnerability
This issue was reported to WithSecure through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.
Contributors
WithSecure would like to thank following person for bringing this issue to our attention.
Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi)
of Trend Micro Zero Day Initiative (ZDI) team