ITM Windows Agent Local Privilege Escalation | Proofpoint US

Platform
Products
Solutions
Partners
Resources
Company

Search

English (Americas)

Platform

Products

Solutions

Partners

Resources

Company

Multi-layered, adaptive defenses for threat detection, impersonation, and supplier risk.

Email Security

Impersonation Protection

More products

Transform your information protection with a human-centric, omni-channel approach.

Enterprise DLP

Adaptive Email DLP

Insider Threat Management

Intelligent Compliance

Mitigate Human Risk

Unlock full user risk visibility and drive behavior change.

Security Awareness

Augment Your Capabilities

Managed Services

Product Packages

More Protect People Products

Account Take-Over and Identity Protection

Secure vulnerable identities, stop lateral movement and privilege escalation.

Adaptive Email Security

Stop more threats with a fully integrated layer of behavioral AI.

Secure Email Relay

Secure your application email and accelerate DMARC implementation

Solutions by Use Case

How Proofpoint protects your people and data.

Authenticate Your Email

Protect your email deliverability with DMARC.

Combat Email and Cloud Threats

Protect your people from email and cloud threats with an intelligent and holistic approach.

More use cases

Solutions by Industry

People-centric solutions for your organization.

Federal Government

Cybersecurity for federal government agencies.

State and Local Government

Protecting the public sector, and the public from cyber threats.

More industries

Comparing Proofpoint

Evaluating cybersecurity vendors? Check out our side-by-side comparisons.

View comparisons

Solutions By Use Case

How Proofpoint protects your people and data.

Change User Behavior

Help your employees identify, resist and report attacks before the damage is done.

Combat Data Loss and Insider Risk

Prevent data loss via negligent, compromised and malicious insiders.

Modernize Compliance and Archiving

Manage risk and data retention needs with a modern compliance and archiving solution.

Protect Cloud Apps

Keep your people and their cloud apps secure by eliminating threats and data loss.

Prevent Loss from Ransomware

Learn about this growing threat and stop attacks by securing ransomware's top vector: email.

Secure Microsoft 365

Implement the best security and compliance solution for Microsoft 365.

Solutions By Industry

People-centric solutions for your organization.

Higher Education

A higher level of security for higher education.

Financial Services

Eliminate threats, build trust and foster growth for your organization.

Healthcare

Protect clinicians, patient data, and your intellectual property against advanced threats.

Mobile Operators

Make your messaging environment a secure environment.

Internet Service Providers

Cloudmark email protection.

Small and Medium Businesses

Big-time security for small business.

Proofpoint vs. the competition

Side-by-side comparisons.

Proofpoint vs. Abnormal Security

Proofpoint vs. Mimecast

Proofpoint vs. Cisco

Proofpoint vs Microsoft

Proofpoint vs. Microsoft Purview

Proofpoint vs. Legacy DLP

Partners

Deliver Proofpoint solutions to your customers.

Channel Partners

Archive Extraction Partners

Learn about Extraction Partners.

GSI and MSP Partners

Learn about our global consulting.

Technology and Alliance Partners

Learn about our relationships.

Social Media Protection Partners

Learn about the technology and....

Proofpoint Essentials Partner Programs

Small Business Solutions .

Become a Channel Partner

Resources

Find reports, webinars, blogs, events, podcasts and more.

Resource Library

Blog

Keep up with the latest news and happenings.

Webinars

Browse our webinar library to learn about the latest threats, trends and issues in cybersecurity.

Cybersecurity Academy

Earn your certification to become a Proofpoint Certified Guardian.

Podcasts

Learn about the human side of cybersecurity.

New Perimeters Magazine

Get the latest cybersecurity insights in your hands.

Threat Glossary

Learn about the latest security threats.

Events

Connect with us at events to learn how to protect your people and data from ever-evolving threats.

Customer Stories

Read how our customers solve their most pressing cybersecurity challenges.

Company

Proofpoint protects organizations' greatest assets and biggest risks: their people.

About Proofpoint

Why Proofpoint

Learn about our unique people-centric approach to protection.

Careers

Stand out and make a difference at one of the world's leading cybersecurity companies.

News Center

Read the latest press releases, news stories and media highlights about Proofpoint.

Privacy and Trust

Learn about how we handle data and make commitments to privacy and other regulations.

Environmental, Social, and Governance

Learn how we apply our principles to positively impact our community.

Support

Access the full range of Proofpoint support services.

Platform

Discover the Proofpoint human-centric platform.

Learn More

Proofpoint Nexus

Detection technologies to protect people and defend data.

Proofpoint Zen

Protect and engage users wherever they work.

Search Proofpoint

Try searching for

Email Security Phishing DLP Email Fraud

Select Product Login

Select Language

Security Advisories

ITM Windows Agent Local Privilege Escalation

ITM Windows Agent Local Privilege Escalation, CVE-2022-25294

Advisory ID: PFPT-SA-2022-0001

Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 are affected. Agents for MacOS and Linux and Cloud are unaffected.

Vulnerability Information

This vulnerability is identified by CVE-2022-25294.

This vulnerability has been assigned a CVSS score of 7.8:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Fixed Software

Proofpoint has released fixed software version 7.12.1.

The fixed software versions are available through the customer support portal.

Acknowledgments

Thanks to Ruslan Sayfiev and Denis Faiustov of Ierae Security who helped us identify this vulnerability.

URL

https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2022-0001

Revision History

Version	Description	Section	Date
1.0	Initial Release		March 7, 2022
1.1	Add acknowledgments		March 22, 2022

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. PROOFPOINT RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for authorized subscribers to Proofpoint products and services.