Loading
Generated remediation guidance and an executive summary. No account required.
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected.
Cite this page
CVE-2021-22159. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2021-22159
Use CWE-306, Proofpoint vendor hub and Insider Threat Management product page to widen CVE-2021-22159 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2020-8884, CVE-2021-27900 and CVE-2022-25294 for nearby disclosures in the same product family. Additional editorial context is available in Weekly Security Roundup: Navigating the April 2026 Threat Landscape and Critical Framework Exploits.