Vulnerabilities > Proofpoint > Insider Threat Management > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-13 | CVE-2023-4801 | Improper Certificate Validation vulnerability in Proofpoint Insider Threat Management An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. | 7.5 |
| 2022-03-10 | CVE-2022-25294 | Unspecified vulnerability in Proofpoint Insider Threat Management Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. | 7.2 |
| 2021-01-26 | CVE-2021-22159 | Improper Privilege Management vulnerability in Proofpoint Insider Threat Management Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. | 7.2 |