Vulnerabilities > CVE-2022-27608 - Incorrect Authorization vulnerability in Forcepoint ONE Endpoint

CVSS 6.0 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

forcepoint

CWE-863

NVD

Published: 2022-04-04

Updated: 2022-04-13

Summary

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the protection offered by it.

Vulnerable Configurations

Part	Description	Count
Application	Forcepoint Forcepoint ONE Endpoint *	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://help.forcepoint.com/security/CVE/CVE-2022-27608.html