CVE-2021-20726 Vulnerability Details

  /     /     /  

CVE-2021-20726 Metadata Quick Info

CVE Published: 24/05/2021 | CVE Updated: 03/08/2024 | CVE Year: 2021
Source: jpcert | Vendor: Overwolf Ltd. | Product: The Installer of Overwolf
Status : PUBLISHED

---

CVE-2021-20726 Description

Untrusted search path vulnerability in The Installer of Overwolf 2.168.0.n and earlier allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Untrusted search path vulnerability
Source: Overwolf Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).