CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-45912

An unauthenticated Named Pipe channel in Controlup Real-Time Agent (cuAgent.exe) before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.1%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

https://controlup.com
https://www.controlup.com/security/security-advisory-local-privilege-escalation/
https://controlup.com
https://www.controlup.com/security/security-advisory-local-privilege-escalation/

Products affected by CVE-2021-45912

Controlup » Real-Time Agent » Version: Any

cpe:2.3:a:controlup:real-time_agent:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-45912

Products

Pricing

Contact Us