What is CVE-2021-38469?

CVE-2021-38469 is a critical-severity vulnerability in Auvesy Versiondog, classified under Uncontrolled Search Path Element. CVSS score: 9.1/10. Published 2021-10-22.

How severe is CVE-2021-38469?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Vulnerability in Auvesy Versiondog

CVE-2021-38469

Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the affected product’s binaries, thus hijackin…

EPSS: 0.001 (31.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H.

Affected products

Auvesy Versiondog — versions All

Weakness classification (CWE)

CWE-427 — Uncontrolled Search Path Element

References

us-cert.cisa.gov/ics/advisories/icsa-21-292-01 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2021-38469?: CVE-2021-38469 is a critical-severity vulnerability in Auvesy Versiondog, classified under Uncontrolled Search Path Element. CVSS score: 9.1/10. Published 2021-10-22.
How severe is CVE-2021-38469?: Critical severity. CVSS v3 base score is 9.1 out of 10.