First published: Wed Dec 22 2021(Updated: )
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Advantech R-SeeNet | =2.4.15 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-21911 is a privilege escalation vulnerability in the Windows version of installation for Advantech R-SeeNet.
CVE-2021-21911 allows an attacker to escalate privileges to NT SYSTEM authority by replacing a specially-crafted file in the system.
CVE-2021-21911 has a severity rating of 7.8 (High).
Advantech R-SeeNet version 2.4.15 is affected by CVE-2021-21911.
No, Microsoft Windows is not affected by CVE-2021-21911.
Updating Advantech R-SeeNet to a patched version is recommended to fix CVE-2021-21911.
You can find more information about CVE-2021-21911 at the following link: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1360
CVE-2021-21911 is associated with CWE-269 (Improper Privilege Management) and CWE-276 (Incorrect Default Permissions).