Privilege Escalation Vulnerability in Snow Inventory Agent through 6.7.0 on Windows
CVE-2021-27579 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists if CPUID is enabled, and thus it should be disabled via configuration settings.
Learn more about our Web Application Penetration Testing UK.