PT-2021-14600 · Dell · Dell Wyse Windows Embedded System

Alessandro Baldini

Published

2021-05-21

Updated

2022-04-26

CVE-2021-21552

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier

Description The issue is related to an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this to bypass the restricted environment and perform unauthorized actions on the affected system.

Recommendations For Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2021-21552

Affected Products

Dell Wyse Windows Embedded System

PT-2021-14600 · Dell · Dell Wyse Windows Embedded System

CVE-2021-21552

Weakness Enumeration

Related Identifiers

Affected Products

References · 3