PT-2026-3830 · Ebeam · Ebeam Education Suite

Luis Martinez

Publicado

2026-01-21

Atualizado

2026-01-21

CVE-2021-47878

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions eBeam Education Suite version 2.5.0.9

Description The eBeam Education Suite 2.5.0.9 contains an unquoted service path vulnerability within the 'eBeam Device Service'. This allows local users to potentially execute code with elevated privileges. An attacker can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem privileges during service startup.

Recommendations Apply appropriate quoting to the service path configuration for the 'eBeam Device Service'.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-428

Identificadores relacionados

CVE-2021-47878

Produtos afetados

Ebeam Education Suite

PT-2026-3830 · Ebeam · Ebeam Education Suite

CVE-2021-47878

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5