CVE-2021-35231

Name of the Vulnerable Software and Affected Versions: Kiwi Syslog Server (affected versions not specified)

Description: The issue is related to an unquoted service path vulnerability in the Kiwi Syslog Server Installation Wizard. This vulnerability allows a local attacker to gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. An example of a vulnerable path is "ComputerHKEY LOCAL MACHINESYSTEMControlSet001ServicesKiwi Syslog ServerParametersApplication".

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.