CVE-2021-35482 - An issue was discovered in Barco MirrorOp Windows Sender before 2.5.4.70. An attacker in the local n

CVE-2021-35482

Summary

An issue was discovered in Barco MirrorOp Windows Sender before 2.5.4.70. An attacker in the local network is able to achieve Remote Code Execution (with user privileges of the local user) on any device that tries to connect to a WePresent presentation system.

References

https://www.barco.com/en/support/software/R33050099?majorVersion=2&minorVersion=5&patchVersion=4&buildVersion=70

Vulnerable Configurations

cpe:2.3:a:barco:mirrorop_windows_sender:-:*:*:*:*:*:*:*
cpe:2.3:a:barco:mirrorop_windows_sender:-:*:*:*:*:*:*:*
cpe:2.3:a:barco:mirrorop_windows_sender:2.5.3.65:*:*:*:*:*:*:*
cpe:2.3:a:barco:mirrorop_windows_sender:2.5.3.65:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 30-07-2021 - 15:07)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

Last major update

30-07-2021 - 15:07

Published

21-07-2021 - 18:15

Last modified

30-07-2021 - 15:07