Yandex Browser for Windows Local Privilege Escalation Vulnerability

Yandex Browser for Windows Local Privilege Escalation Vulnerability

CVE-2021-25263 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files in directory with insecure permissions during Yandex Browser update process.

Learn more about our Web Application Penetration Testing UK.