Vulnerabilities > CVE-2019-9627 - Out-of-bounds Write vulnerability in Cyberark Endpoint Privilege Manager 10.2.1.603

047910
CVSS 7.0 - HIGH
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
high complexity
cyberark
CWE-787

Summary

A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.

Vulnerable Configurations

Part Description Count
Application
Cyberark
2

Common Weakness Enumeration (CWE)