CVE-2021-42835

Name of the Vulnerable Software and Affected Versions Plex Media Server versions through 1.24.4.5081-e362dc1ee

Description An issue allows an attacker with a foothold in an endpoint via a low-privileged user account to access the exposed RPC service of the update service component. The RPC functionality enables the attacker to interact with it and execute code from a path of their choice, either locally or remotely via SMB, due to a TOCTOU race condition. This code execution occurs in the context of the Plex update service, which runs as SYSTEM.

Recommendations For versions through 1.24.4.5081-e362dc1ee, consider restricting access to the RPC service of the update service component to minimize the risk of exploitation. As a temporary workaround, avoid using the RPC functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.