CVE-2021-42110

An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking.

Summary:

An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking.

Reference Links(if available):

  • https://excellium-services.com/cert-xlm-advisory/CVE-2021-42110
  • http://www.popsy.com/Documents/Setups/Setup.Allegro.3.3.4154.2.exe
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)