This page aggregates publicly disclosed CVE and security risk information related to cynet, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-27247 | Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens. | [email protected] | 4.4 | 0.14% | 2023-03-28 | 2025-02-18 |
| CVE-2022-27969 | Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers. | [email protected] | 5.3 | 0.24% | 2022-09-08 | 2024-11-21 |
| CVE-2022-27968 | Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles. | [email protected] | 5.3 | 0.24% | 2022-09-08 | 2024-11-21 |
| CVE-2022-27967 | Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles. | [email protected] | 5.3 | 0.24% | 2022-09-08 | 2024-11-21 |