Security features bypass in APM Clients

#VU52753 Security features bypass in APM Clients

Published: 2021-04-29

Vulnerability identifier: #VU52753

Vulnerability risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-254

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
APM Clients
Hardware solutions / Security hardware applicances

Vendor: F5 Networks

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to after generating the Diagnostics Report, command prompts with elevated privileges remain on the client Windows system. An attacker with access to the system can execute arbitrary code with elevated privileges.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

APM Clients: 7.1.5 - 7.2.1.1

External links
http://support.f5.com/csp/article/K03544414

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Privilege escalation in APM Clients for Windows