CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-19620

In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. This is limited in scope to the collection of process-execution telemetry, for executions against specific files where the SYSTEM user was denied access to the source file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.0%

CVSS Severity

CVSS v3 Score 3.3

CVSS v2 Score 2.1

References

https://medium.com/%40CowbellSteve/secureworks-red-cloak-local-bypass-bfaed2be407e
https://www.secureworks.com/resources/ds-aetd-red-cloak-data-sheet
https://medium.com/%40CowbellSteve/secureworks-red-cloak-local-bypass-bfaed2be407e
https://www.secureworks.com/resources/ds-aetd-red-cloak-data-sheet

Products affected by CVE-2019-19620

Dell » Red Cloak Windows Agent » Version: Any

cpe:2.3:a:dell:red_cloak_windows_agent:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19620

Products

Pricing

Contact Us