Vulnerabilities (CVE)

Filtered by vendor Cylance Subscribe
Filtered by product Cylanceprotect
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10722 1 Cylance 1 Cylanceprotect 2024-02-28 7.2 HIGH 7.8 HIGH
In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the %PROGRAMFILES%\Cylance\Desktop\log folder, the CyUpdate process grants users Modify access to new files created in this folder, and a new file can be a symlink chain to a pathname of an arbitrary DLL that CyUpdate uses.