2 matches found
CVE-2021-3626
Multipass Windows prior to 1.7.0 is affected by a local privilege-escalation issue: any local process can connect to the localhost TCP control socket to perform mounts from the host OS to a guest. Impact is privilege escalation with high severity per CVSS. Remediation provided in public records i...
CVE-2021-3626 Windows version of Multipass unauthenticated localhost tcp control socket can perform mounts
The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation...