VDB
CVE-2021-42980
CVE-2021-42980
PUBLISHED
CVSS 8.800000190734863 HIGH
NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
EPSS 0.17% · 38.3th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0.17%
38.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| nomachine | cloud_server | 4.0.346 |
Timeline
- Dec 7, 2021 CVE Published
- Dec 8, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 1, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 21, 2022 EPSS Score
- Jul 15, 2022 EPSS Score
- Sep 8, 2022 EPSS Score
- Nov 2, 2022 EPSS Score
- Dec 26, 2022 EPSS Score
- Feb 19, 2023 EPSS Score
References
- https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ url
- https://nvd.nist.gov/vuln/detail/CVE-2021-42980 advisory
- https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services url