#VU73183 Code Injection in Proofpoint Enterprise Protection - CVE-2023-0089


Vulnerability identifier: #VU73183

Vulnerability risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-0089

CWE-ID: CWE-94

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Proofpoint Enterprise Protection
Server applications / DLP, anti-spam, sniffers

Vendor: Proofpoint

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in webutils. A local user can execute arbitrary perl code on the target system.


Mitigation
Install updates from vendor's website.

Vulnerable software versions

Proofpoint Enterprise Protection: before 8.13.22

External links
https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001
https://www.proofpoint.com/us/node/124741

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Proofpoint Enterprise Protection