Vulnerabilities > CVE-2021-36665 - Deserialization of Untrusted Data vulnerability in Druva Insync Client

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
druva
CWE-502
NVD
Published: 2022-07-12
Updated: 2022-07-20

Summary

An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon.

Vulnerable Configurations

Part Description Count
Application
Druva
13

Common Weakness Enumeration (CWE)

References