← voltar
CVE-2021-4480

Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

CVSS 8.3 HIGHEPSS 0.1%CWE-732
Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H
Produtos afetados
Dräger · Protector Software

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://static.draeger.com/security/download/2021-267-01-Draeger-Protector-Software-vulnerabilities.pdfhttps://www.vulncheck.com/advisories/dr-ger-protector-software-local-privilege-escalation-via-insecure-file-permissions