Anaconda3 2021.05 Vulnerability: OS Command Injection via usercustomize.py

Anaconda3 2021.05 Vulnerability: OS Command Injection via usercustomize.py

CVE-2021-42969 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed.

Learn more about our User Device Pen Test.