Unquoted Service Path Vulnerability in NI Service Locator (nisvcloc.exe) on Windows

Unquoted Service Path Vulnerability in NI Service Locator (nisvcloc.exe) on Windows

CVE-2021-42563 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.

Learn more about our User Device Pen Test.