Insecure Permissions in AppGuard Enterprise Allows Local Privilege Escalation

Insecure Permissions in AppGuard Enterprise Allows Local Privilege Escalation

CVE-2021-42255 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Directory with Insecure Permissions. Local users can gain SYSTEM privileges because a repair operation relies on the %TEMP% directory of an unprivileged user.

Learn more about our User Device Pen Test.