Unrated severityNVD Advisory· Published Feb 8, 2023· Updated Mar 25, 2025

CVE-2022-38777

Description

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

Affected products

Elastic/Elastic Security Endpointcpe-rescue
Range: Elastic Security versions up to 7.17.8 and 8.4.3 and Elastic Endgame versions up to 3.62.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

discuss.elastic.co/t/elastic-7-17-9-8-5-0-and-8-6-1-security-update/324661mitre
www.elastic.co/community/securitymitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000