CVE-2017-11197

HIGH

CyberArk Viewfinity <6.1.1.220 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-11197. PoCs published by geoda.

AI-analyzed exploit summary This exploit leverages a privilege escalation vulnerability in CyberArk Viewfinity <= 5.5 by abusing the 'add printer' functionality to spawn a command prompt with administrative privileges. The PoC involves navigating through the Viewfinity Control Panel to trigger the flaw.

Description

In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option.

Exploits (1)

exploitdb WORKING POC

by geoda · textlocalwindows

https://www.exploit-db.com/exploits/42319

View Code ZIP pw:eip

This exploit leverages a privilege escalation vulnerability in CyberArk Viewfinity <= 5.5 by abusing the 'add printer' functionality to spawn a command prompt with administrative privileges. The PoC involves navigating through the Viewfinity Control Panel to trigger the flaw.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: CyberArk Viewfinity version 5.5 (5.5.10.95)

Auth required

Prerequisites: Low privilege user access to the system · Viewfinity Control Panel accessible via system tray

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Product

http://lp.cyberark.com/rs/316-CZP-275/images/ds-Viewfinity-102315-web.pdf

Exploit, Third Party Advisory, VDB Entry

https://www.exploit-db.com/exploits/42319

Scores

CVSS v3 7.8

EPSS 0.0098

EPSS Percentile 57.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

Status published

Products (2)

cyberark/viewfinity 5.5.10.95

cyberark/viewfinity 6.0 - 6.1.1.220

Published May 03, 2023

Tracked Since Feb 18, 2026