Main Vulnerability Database Vulnerabilities #VU64186

Permissions, Privileges, and Access Controls in eG Agent - CVE-2022-29594

Published: June 10, 2022

Vulnerability identifier: #VU64186

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-29594

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
eG Agent

Software vendor:
eG Innovations, Inc

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the weak file permissions, which leads to security restrictions bypass and privilege escalation.

Install updates from vendor's website.