CVE-2023-27247

EUVD-2023-31025
Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
CISA-ADPADP
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
cynetclient_agent
4.6.0.8010
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/NF-Security-Team/CVEs/blob/main/CVE-Cynet/Readme.md
https://github.com/advisories/GHSA-hmjw-7429-p2vc
https://github.com/NF-Security-Team/CVEs/blob/main/CVE-Cynet/Readme.md
https://github.com/advisories/GHSA-hmjw-7429-p2vc