Privilege escalation in APM Clients for Windows
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | N/A |
| CWE-ID | CWE-254 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
APM Clients Hardware solutions / Security hardware applicances |
| Vendor | F5 Networks |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Security features bypass
EUVDB-ID: #VU52753
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: N/A
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to after generating the Diagnostics Report, command prompts with elevated privileges remain on the client Windows system. An attacker with access to the system can execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versionsAPM Clients: 7.1.5 - 7.2.1.1
CPE2.3- cpe:2.3:h:f5_networks:big-ip_apm_client:7.1.5:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm_client:7.1.6:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip_apm_client:7.1.7:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K03544414
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
