Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-28877

This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.

Published

2022-07-21T16:15:09.030

Last Modified

2024-11-21T06:58:07.100

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	f-secure	elements_endpoint_protection	*	Yes
Operating System	microsoft	windows	-	No

References

https://www.f-secure.com/en/business/support-and-downloads/security-advisories Vendor Advisory ([email protected])
https://www.withsecure.com/en/support/security-advisories Vendor Advisory ([email protected])
https://www.f-secure.com/en/business/support-and-downloads/security-advisories Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.withsecure.com/en/support/security-advisories Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)