Vulnerabilities > Elastic > Endpoint Security > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-08 CVE-2022-38777 Improper Privilege Management vulnerability in Elastic Endgame and Endpoint Security
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
local
low complexity
elastic CWE-269
7.8
2023-01-26 CVE-2022-38774 Unspecified vulnerability in Elastic Endgame and Endpoint Security
An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
local
low complexity
elastic
7.8
2023-01-26 CVE-2022-38775 Unspecified vulnerability in Elastic Endpoint Security
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
local
low complexity
elastic
7.8
2022-07-06 CVE-2022-23714 Unspecified vulnerability in Elastic Endpoint Security
A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
local
low complexity
elastic
7.8