Vulnerabilities > CVE-2021-42255 - Exposure of Resource to Wrong Sphere vulnerability in Blueplanet-Works Appguard

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

blueplanet-works

CWE-668

NVD

Published: 2022-04-12

Updated: 2022-04-20

Summary

AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Directory with Insecure Permissions. Local users can gain SYSTEM privileges because a repair operation relies on the %TEMP% directory of an unprivileged user.

Vulnerable Configurations

Part	Description	Count
Application	Blueplanet-Works Blueplanet Works Appguard -	1

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0022/MNDT-2022-0022.md
https://www.beyondtrust.com/blog