← Back

CVE-2021-20793

nvd nist
Published: Aug 26, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.

Affected (2)

Sony
2 products
Audio Usb Driver
Hap Music Transfer
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Audio Usb Driver
Up to 1.10
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Hap Music Transfer
Up to 1.3.0

Related CWEs

CWE-427
Uncontrolled Search Path Element
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

References (8)

Source: vultures@jpcert.or.jp
Third Party Advisory
Source: vultures@jpcert.or.jp
ProductVendor Advisory
Source: vultures@jpcert.or.jp
ProductVendor Advisory
Source: vultures@jpcert.or.jp
ProductVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ProductVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ProductVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ProductVendor Advisory

Timeline

No history available yet.