First published: Fri Nov 12 2021(Updated: )
There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ni Ni Service Locator | <18.0.0.49152 | |
Microsoft Windows | ||
All of | ||
Ni Ni Service Locator | <18.0.0.49152 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-42563 is a vulnerability that allows an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges in NI Service Locator (nisvcloc.exe) versions prior to 18.0 on Windows.
CVE-2021-42563 has a severity rating of high with a CVSS score of 7.8.
NI Service Locator versions prior to 18.0 on Windows are affected by CVE-2021-42563.
An authorized local user can exploit CVE-2021-42563 by inserting arbitrary code into the unquoted service path and escalating privileges.
You can find more information about CVE-2021-42563 at the following reference link: [CVE-2021-42563](https://www.ni.com/en-us/support/documentation/supplemental/21/unquoted-service-path-in-ni-service-locator.html)