CVE-2021-33436

EUVD-2021-20140
NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
nomachinenomachine
6.0.0 ≤
𝑥
< 6.15.1
nomachinenomachine
7.0 ≤
𝑥
< 7.5.2
𝑥
= Vulnerable software versions
References
https://github.com/active-labs/Advisories/blob/master/2021/ACTIVE-2021-001.md
https://knowledgebase.nomachine.com/SU05S00223
https://knowledgebase.nomachine.com/SU05S00224
https://knowledgebase.nomachine.com/TR05S10236
https://github.com/active-labs/Advisories/blob/master/2021/ACTIVE-2021-001.md
https://knowledgebase.nomachine.com/SU05S00223
https://knowledgebase.nomachine.com/SU05S00224
https://knowledgebase.nomachine.com/TR05S10236