Main Vulnerability Database SB2021042920

SB2021042920 - Privilege escalation in APM Clients for Windows

Published: April 29, 2021

Security Bulletin ID SB2021042920

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security features bypass (CVE-ID: N/A)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to after generating the Diagnostics Report, command prompts with elevated privileges remain on the client Windows system. An attacker with access to the system can execute arbitrary code with elevated privileges.

Remediation

Install update from vendor's website.

References

https://support.f5.com/csp/article/K03544414