CVE-2021-27579

2021-02-2317:03:46

mitre

www.cve.org

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists if CPUID is enabled, and thus it should be disabled via configuration settings.

References

community.snowsoftware.com/s/feed/0D56900009cfHLDCA2