CVE-2019-17421
N/A
N/A
Summary
Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://twitter.com/va_start
- https://blog.vastart.dev/2019/11/cve-2019-17421-privilege-escalation.html
- https://www.manageengine.com/products/firewall/security-updates/cve-2019-17421.html
References
- https://twitter.com/va_start
- https://blog.vastart.dev/2019/11/cve-2019-17421-privilege-escalation.html
- https://www.manageengine.com/products/firewall/security-updates/cve-2019-17421.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.