CVE-2021-4480

HIGH

8.2CVSS v3

—CVSS v2

0.02% EPSS (exploit probability)

CWE-732CWE

Description

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges.

CVSS v3 vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE