CVE-2021-42563
First published: Fri Nov 12 2021(Updated: )
There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ni Ni Service Locator | <18.0.0.49152 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-42563?
CVE-2021-42563 is a vulnerability that allows an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges in NI Service Locator (nisvcloc.exe) versions prior to 18.0 on Windows.
How severe is CVE-2021-42563?
CVE-2021-42563 has a severity rating of high with a CVSS score of 7.8.
Which software versions are affected by CVE-2021-42563?
NI Service Locator versions prior to 18.0 on Windows are affected by CVE-2021-42563.
How can an authorized local user exploit CVE-2021-42563?
An authorized local user can exploit CVE-2021-42563 by inserting arbitrary code into the unquoted service path and escalating privileges.
Where can I find more information about CVE-2021-42563?
You can find more information about CVE-2021-42563 at the following reference link: [CVE-2021-42563](https://www.ni.com/en-us/support/documentation/supplemental/21/unquoted-service-path-in-ni-service-locator.html)
- collector/nvd-index
- agent/weakness
- agent/event
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ni
- canonical/ni ni service locator
- vendor/microsoft
- canonical/microsoft windows