A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a service running with "erlsrv.exe" to execute arbitrary code as Local System. This can occur only under specific conditions on Windows with unsafe filesystem permissions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: DeepSurface
Published: 2021-04-09T13:34:59
Updated: 2024-08-03T22:02:51.425Z
Reserved: 2021-03-25T00:00:00
Link: CVE-2021-29221
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-09T14:15:12.910
Modified: 2024-11-21T06:00:51.240
Link: CVE-2021-29221
Redhat
No data.