In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the %PROGRAMFILES%\Cylance\Desktop\log folder, the CyUpdate process grants users Modify access to new files created in this folder, and a new file can be a symlink chain to a pathname of an arbitrary DLL that CyUpdate uses.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-04T00:00:00
Updated: 2024-08-05T07:46:46.449Z
Reserved: 2018-05-03T00:00:00
Link: CVE-2018-10722
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-05-04T00:29:00.220
Modified: 2018-06-13T15:27:20.230
Link: CVE-2018-10722
Redhat
No data.