Trust Center Index Page SolarWinds Trust Center Security Advisories | CVE-2021-35230
Unquoted Path Vulnerability (SMB Login) with Kiwi CatTools (CVE-2021-35230)

Summary

As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry.

Affected Products

  • Kiwi CatTools 3.11.8 and earlier

 

Fixed Software Release

 

Advisory Details

Severity

6.7 Medium

Advisory ID

CVE-2021-35230

First Published

10/19/2021

Fixed Version

Kiwi CatTools 3.12

{{STATIC CONTENT}}
{{CAPTION_TITLE}}

{{CAPTION_CONTENT}}

{{TITLE}}