CVE-2021-35957
First published: Tue Jul 13 2021(Updated: )
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield Endpoint Security | >=2.0.0<=2.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-35957?
CVE-2021-35957 is a vulnerability in Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 that allows local administrators to replace the Visual C++ runtime DLLs with malicious ones.
How severe is CVE-2021-35957?
CVE-2021-35957 has a severity rating of medium, with a CVSS score of 6.7.
How does CVE-2021-35957 impact Stormshield Endpoint Security Evolution?
CVE-2021-35957 allows local administrators to replace the Visual C++ runtime DLLs, potentially compromising the security defenses provided by Stormshield Endpoint Security Evolution.
What is the affected version range of Stormshield Endpoint Security Evolution?
Stormshield Endpoint Security Evolution versions 2.0.0 through 2.0.2 are affected by CVE-2021-35957.
How can I mitigate the CVE-2021-35957 vulnerability?
To mitigate CVE-2021-35957, it is recommended to update Stormshield Endpoint Security Evolution to a version that addresses the vulnerability and monitor for any suspicious activity related to the Visual C++ runtime DLLs.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- vendor/stormshield
- canonical/stormshield endpoint security
- version/stormshield endpoint security/2.0.0
- version/stormshield endpoint security/2.0.2