CVE-2019-17421

2019-11-2114:36:02

mitre

www.cve.org

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload.

References

blog.vastart.dev/2019/11/cve-2019-17421-privilege-escalation.html

twitter.com/va_start

www.manageengine.com/products/firewall/security-updates/cve-2019-17421.html