Strix
26.1K

CVE-2019-12889

UnknownEPSS 0.62%

Last modified

CVE-2019-12889 is a vulnerability of currently unknown severity. An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. EPSS estimates a 0.62% chance of exploitation in the next 30 days.

Description

An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must disconnect the computer from the local network / WAN and connect it to an internet facing access point / network. At that point, the attacker can execute the password-reset functionality, which will expose a web browser. Browsing to a site that calls local Windows system functions (e.g., file upload) will expose the local file system. From there an attacker can launch a privileged command shell.

Metrics

EPSS Probability
0.62%

45.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
SailpointDesktop Password Reset7.2

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-12889?
An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must disconnect the computer from the local network / WAN and connect it to an internet facing access point / network. At that point, the attacker can execute the password-reset functionality, which will expose a web browser. Browsing to a site that calls local Windows system functions (e.g., file upload) will expose the local file system. From there an attacker can launch a privileged command shell.
How severe is CVE-2019-12889?
Severity scoring for CVE-2019-12889 is pending analysis. The EPSS model estimates a 0.62% probability of exploitation in the next 30 days.
How do I fix CVE-2019-12889?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-12889?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST