Vulnerability Details CVE-2021-42835
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a foothold in a endpoint via a low-privileged user account) can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC functionality and execute code from a path of his choice (local, or remote via SMB) because of a TOCTOU race condition. This code execution is in the context of the Plex update service (which runs as SYSTEM).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.151
EPSS Ranking 94.2%
CVSS Severity
CVSS v3 Score 7.0
CVSS v2 Score 6.9
References
- https://bugsec.com/experts_teams/
- https://forums.plex.tv/t/security-regarding-cve-2021-42835/761510
- https://ir-on.io/2021/12/02/local-privilege-plexcalation/
- https://www.plex.tv/media-server-downloads/
- https://bugsec.com/experts_teams/
- https://forums.plex.tv/t/security-regarding-cve-2021-42835/761510
- https://ir-on.io/2021/12/02/local-privilege-plexcalation/
- https://www.plex.tv/media-server-downloads/
Products affected by CVE-2021-42835
-
cpe:2.3:a:plex:media_server:-
-
cpe:2.3:a:plex:media_server:0.9.9.2
-
cpe:2.3:a:plex:media_server:1.13.2.5154
-
cpe:2.3:a:plex:media_server:1.18.2.2029
-
cpe:2.3:a:plex:media_server:1.18.2.2029-36236cc4c
-
cpe:2.3:a:plex:media_server:1.19.1.2701
-
cpe:2.3:a:plex:media_server:1.19.3
-
cpe:2.3:a:plex:media_server:1.21
-
cpe:2.3:a:plex:media_server:1.24.4.5081
-
cpe:2.3:o:microsoft:windows:-