CVE-2021-25269

MEDIUM Year: 2021
CVSS v3 Score
4.4
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-428
View all →

Vulnerability Description

A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.

Related Vulnerabilities

CVE-2020-0507

MEDIUM
CVSS:4.4(Medium)

Unquoted service path in Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable ...

CWE-4282020

CVE-2022-4429

MEDIUM
CVSS:4.4(Medium)

Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service. The issue was fixed with Avira Security version 1...

CWE-4282022

CVE-2024-4031

MEDIUM
CVSS:4.4(Medium)

Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local Execution of Code.

CWE-4282024

CVE-2012-0945

MEDIUM
CVSS:4.9(Medium)

whoopsie-daisy before 0.1.26: Root user can remove arbitrary files

CWE-4282012

CVE-2024-31226

MEDIUM
CVSS:4.9(Medium)

Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked plac...

CWE-4282024

CVE-2022-1697

LOW
CVSS:3.9(Low)

Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. Note: To remediate this vulnerability, you must uninstall Okta Active Direc...

CWE-4282022