CVE-2022-47529
CVE-2022-47529
Vexday Risk Score
23Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Prueba de concepto
PoC popular en GitHub (1 estrellas) — código de explotación ampliamente disponible.
CVSS —EPSS 1.6%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Ciclo de vida
24 mar 2023PoC pública
28 mar 2023Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
githubgithub.com/hyp3rlinx/CVE-2022-47529★ 1cve_referencepacketstormsecurity.com/files/171476/RSA-NetWitness-Endpoint-EDR-Agent-12.x-Incorrect-Access-Control-Code-Execution.htmlno verificadoexploitdbwww.exploit-db.com/exploits/51336no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
Referencias
https://community.netwitness.com/t5/netwitness-platform-security/nw-2023-04-netwitness-platform-security-advisory-cve-2022-47529/ta-p/696935http://seclists.org/fulldisclosure/2023/Mar/26http://seclists.org/fulldisclosure/2024/Apr/17https://github.com/hyp3rlinx/CVE-2022-47529https://hyp3rlinx.altervista.org/advisories/RSA_NETWITNESS_EDR_AGENT_INCORRECT_ACCESS_CONTROL_CVE-2022-47529.txthttps://packetstormsecurity.com/files/171476/RSA-NetWitness-Endpoint-EDR-Agent-12.x-Incorrect-Access-Control-Code-Execution.htmlhttps://seclists.org/fulldisclosure/2023/Mar/16https://twitter.com/hyp3rlinx/status/1639335477839790105