Elastic Endpoint Security — known CVE vulnerabilities
Every CVE whose affected-product data names Elastic Endpoint Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-23714 — CVSS 7.8 (high): A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which…
CVE-2022-38774 — CVSS 7.8 (high): An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow…
CVE-2022-38775 — CVSS 7.8 (high): An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate…
CVE-2022-38777 — CVSS 7.8 (high): An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate…
CVE-2023-46669 — CVSS 6.2 (medium): Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic Security Endpoint can lead to loss of…
CVE-2026-56152 — CVSS 5.3 (medium): Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not…