Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Trending KB Articles


CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation

January 19, 2023



CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation.


Customer Environment:

Customers who are running BloxOne Endpoint on their host devices.


Overview and Impact: 

A vulnerability was found in the executable run by the Infoblox BloxOne Endpoint agent, enabling a low-privileged attacker to execute any program as the highly-privileged system user. Versions 2.3.2 and below are vulnerable to a dynamic-link library (DLL) injection attack that can result in local privilege escalation.




Affected Versions:

BloxOne Endpoint for Windows Version 2.3.2 and below is affected by a security vulnerability that may lead to a local privilege escalation.



BloxOne Endpoint Version 2.3.3 and later fix the vulnerability. A new BloxOne Endpoint Version 2.3.6 will also be released that fixes the vulnerability along with a few minor issues.


Note: If the BloxOne Endpoint group is configured with Scheduling/Defer updates, make sure that it is configured properly so that the BloxOne Endpoint version that fixes the vulnerability is pushed to the agent as soon as possible. Kindly refer to the below document for a detailed understanding of "Scheduling Endpoint Group Updates"

Showing results for 
Search instead for 
Did you mean: