CVE-2021-22037

Published: 2021-10-29 11:09:07
Vendor: vmware
Source: www.cve.org
Tags: installbuilder, windows, installer, vulnerability, registry manipulation, path interception, search order hijacking, attacker, malicious command, system command

EPSS: 0.001 (percentile 23.2%)

Under certain circumstances, when manipulating the Windows registry, InstallBuilder invokes the reg.exe system command. The full path to the command is not enforced, so the binary is resolved by walking the search path until a match is found. This makes the installer/uninstaller vulnerable to Path Interception by Search Order Hijacking, potentially allowing an attacker to plant a malicious reg.exe that takes precedence over the system command. The vulnerability only affects Windows installers.
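
The following Python check, added here and not part of the CVE record or of InstallBuilder, audits an ordered list of search directories and reports any reg.exe that an unqualified lookup would resolve before the copy in System32, which is the precondition the description above relies on. The directory list, the `exists` predicate and the empty decoy file in `demo()` are constructed for the demonstration; the SystemRoot default is an assumption.

```python
import os
import tempfile
from typing import Callable, List

# Genuine location of reg.exe; SystemRoot fallback is an assumption for non-Windows hosts.
SYSTEM32 = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"), "System32")


def from_path_env(path_value: str) -> List[str]:
    """Split a PATH-style value the way Windows does: ';' separated, blanks ignored."""
    return [p for p in path_value.split(";") if p.strip()]


def shadowing_copies(search_dirs: List[str], name: str = "reg.exe",
                     system_dir: str = SYSTEM32,
                     exists: Callable[[str], bool] = os.path.isfile) -> List[str]:
    """Return every copy of `name` that an unqualified lookup would hit before
    the genuine one in `system_dir`, walking `search_dirs` in order.

    An empty list means the first hit is the system copy (or there is no hit).
    Anything returned is a search-order hijacking candidate the installer
    would run instead of %SystemRoot%\\System32\\reg.exe.
    """
    def norm(p: str) -> str:
        return os.path.normcase(os.path.normpath(p))

    hits = []
    for directory in search_dirs:
        if norm(directory) == norm(system_dir):
            break  # the real reg.exe wins from here on; later entries are harmless
        candidate = os.path.join(directory, name)
        if exists(candidate):
            hits.append(candidate)
    return hits


def demo() -> List[str]:
    """Constructed scenario: a writable directory listed ahead of System32
    contains a file named reg.exe (an empty decoy, never executed)."""
    with tempfile.TemporaryDirectory() as writable:
        with open(os.path.join(writable, "reg.exe"), "w") as fh:
            fh.write("")
        path_value = ";".join([writable, SYSTEM32])
        return shadowing_copies(from_path_env(path_value))


if __name__ == "__main__":
    for hit in demo():
        print("reg.exe shadowed by:", hit)
```

Run against the real environment with `shadowing_copies(from_path_env(os.environ["PATH"]))` on a Windows host; the fix on the installer side is to invoke reg.exe by its full path rather than relying on the search order.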

CNA Affected

[
  {
    "product": "VMware InstallBuilder",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All InstallBuilder versions prior to version 21.6.0"
      }
    ]
  }
]
