Vulnerability CVE-2020-8884


Published: 2021-01-06

Description:
rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes.

Type:

CWE-502

(Deserialization of Untrusted Data)

CVSS2 => (AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9/10
10/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Proofpoint -> Inside threat management 
Proofpoint -> Insider threat management 

 References:
https://www.proofpoint.com/us/blog
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0002

Copyright 2022, cxsecurity.com

 

Back to Top