CVE-2021-33436

NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
nomachinenomachine
6.0.0 ≤
𝑥
< 6.15.1
nomachinenomachine
7.0 ≤
𝑥
< 7.5.2
𝑥
= Vulnerable software versions
References
https://github.com/active-labs/Advisories/blob/master/2021/ACTIVE-2021-001.md
https://knowledgebase.nomachine.com/SU05S00223
https://knowledgebase.nomachine.com/SU05S00224
https://knowledgebase.nomachine.com/TR05S10236
https://github.com/active-labs/Advisories/blob/master/2021/ACTIVE-2021-001.md
https://knowledgebase.nomachine.com/SU05S00223
https://knowledgebase.nomachine.com/SU05S00224
https://knowledgebase.nomachine.com/TR05S10236