CVE-2022-25153— ITarian - Local privilege escalation in Endpoint Manager agent on Windows
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-25153
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ITarian - Local privilege escalation in Endpoint Manager agent on Windows
Source: NVD (National Vulnerability Database)
Vulnerability Description
The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
Permission Issues
Source: NVD (National Vulnerability Database)
Vulnerability Title
ITarian 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ITarian是美国ITarian公司的一种远程访问和 IT 管理解决方案。可帮助组织与其客户和员工建立联系和沟通,促进跨团队的远程文件访问、系统监控、故障排除和运营管理。 ITarian Endpoint Manager Communication Client 6.43.41148.21120之前的版本存在安全漏洞,该漏洞源于编译安装OpenSSL过程中使用不安全的设置,攻击者利用该漏洞可以将其权限提升。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| ITarian | Endpoint Manager Communication Client for Windows | any version ~ 6.43.41148.21120 | - |
II. Public POCs for CVE-2022-25153
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-25153
请登录查看更多情报信息。
- https://csirt.divd.nl/DIVD-2021-00037third-party-advisory
- https://csirt.divd.nl/CVE-2022-25153third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-25153
Same Patch Batch · ITarian · 2022-06-08 · 3 CVEs total
| CVE-2022-25152 | 9.9 CRITICAL | ITarian - Any user with a valid session token can create and execute agent procedures and |
| CVE-2022-25151 | 7.5 HIGH | ITarian - Session cookie not protected by HttpOnly flag |
IV. Related Vulnerabilities
V. Comments for CVE-2022-25153
No comments yet