CVE-2022-38775 - AskarLabs CVE Database

CVE-2022-38775

Vendor Elastic

Product Elastic Endpoint Security

Weakness CWE-269

Published January 24, 2023

Last update April 2, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

Key dates

02Disclosure timeline

January 24, 2023 CVE published

April 2, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-38775 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

04Related CVE

CVE-2024-56447 CVE-2025-14533 Advanced Custom Fields: Extended <= 0.9.2.1 - Unauthenticated Privilege Escalation via Insert User Form Action CVE-2021-23893 Privilege Escalation vulnerability in McAfee Drive Encryption (MDE) CVE-2025-6042 Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme <= 1.4.0 - Unauthenticated Privilege Escalation to Editor CVE-2024-0082 CVE