Unisys Stealth Vulnerability in Windows Search Path Configuration
CVE-2021-35056

6.7MEDIUM

Key Information:

Vendor: Unisys
Status: Stealth
Vendor: CVE Published:; 15 July 2021

What is CVE-2021-35056?

The vulnerability in Unisys Stealth versions 5.1 prior to 5.1.025.0 and 6.0 prior to 6.0.055.0 arises from an unquoted Windows search path issue associated with scheduled tasks. This misconfiguration may allow an unintended executable to run, potentially leading to unauthorized access or execution of malicious code within the system.

References

https://public.support.unisys.com/common/public/vulnerabi...

x_refsource_MISC

https://public.support.unisys.com/common/public/vulnerabi...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2021
Vulnerability Reserved
Jun 21, 2021

CVE-2021-35056 Data

JSON