Privilege Escalation Vulnerability

(CVE-2021-31217)

Security Advisory Summary

Insecure folder permissions of the Dameware Mini Remote Control Service installation (version 12.0.1.2008) allows for privileged file deletion when a repair is initiated by the Windows Installer.

Affected Products

Dameware 12.0.1.2008

Fixed Software Release

Dameware 12.2

Acknowledgments

Adriaan Schuitmaker

Advisory Details

Severity

6.5 Medium

Advisory ID

CVE-2021-31217

First Published

07/15/2021

Fixed Version

Dameware 12.2

CVSS Score

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:
C/C:N/I:N/A:H