Skip to main content

CVE-2021-33436

Severity High
Score 7.3/10

Summary

NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • REQUIRED
  • LOW
  • HIGH
  • HIGH

References

Advisory Timeline

  • Published