Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Trending KB Articles


CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation

January 19, 2023



CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation.


Customer Environment:

Customers who are running BloxOne Endpoint on their host devices.


Overview and Impact: 

A vulnerability was found in the executable run by the Infoblox BloxOne Endpoint agent, enabling a low-privileged attacker to execute any program as the highly-privileged system user. Versions 2.3.2 and below are vulnerable to a dynamic-link library (DLL) injection attack that can result in local privilege escalation.




Affected Versions:

BloxOne Endpoint for Windows Version 2.3.2 and below is affected by a security vulnerability that may lead to a local privilege escalation.



BloxOne Endpoint Version 2.3.3 and later fix the vulnerability. A new BloxOne Endpoint Version 2.3.6 will also be released that fixes the vulnerability along with a few minor issues.


Note: If the BloxOne Endpoint group is configured with Scheduling/Defer updates, make sure that it is configured properly so that the BloxOne Endpoint version that fixes the vulnerability is pushed to the agent as soon as possible. Kindly refer to the below document for a detailed understanding of "Scheduling Endpoint Group Updates"

Showing results for 
Search instead for 
Did you mean: