CVE-2022-38774

CVE-2022-38774

Vendor Elastic
Product Elastic Endpoint Security and Elastic Endgame Security
Weakness CWE-269
Published January 24, 2023
Last update April 2, 2025

CVSS base score

What the vulnerability does

01Description

An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

Key dates

02Disclosure timeline

January 24, 2023 CVE published
April 2, 2025 Record updated