CVE-2023-27247

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
VendorProductVersion
cynetclient_agent
4.6.0.8010
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/NF-Security-Team/CVEs/blob/main/CVE-Cynet/Readme.md
https://github.com/advisories/GHSA-hmjw-7429-p2vc
https://github.com/NF-Security-Team/CVEs/blob/main/CVE-Cynet/Readme.md
https://github.com/advisories/GHSA-hmjw-7429-p2vc