CVE-2021-1492

Name of the Vulnerable Software and Affected Versions: Duo Authentication Proxy versions prior to 5.2.1

Description: The issue arises from the Duo Authentication Proxy installer not properly validating file installation paths, allowing an attacker with local user privileges to write to arbitrary privileged directories. This can lead to manipulation of files used by the installer, Denial of Service (DoS) by deleting files, or replacement of system files to potentially achieve elevation of privileges. The exploitation is limited to the time when the installer is running during new installations and is not possible after the installation has finished.

Recommendations: For versions prior to 5.2.1, update to version 5.2.1 to address the issue. As a temporary workaround, consider restricting the privileges of the installer to minimize the risk of exploitation.