VYPR
Unrated severityNVD Advisory· Published Apr 9, 2021· Updated Aug 3, 2024

CVE-2021-29221

CVE-2021-29221

Description

A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a service running with "erlsrv.exe" to execute arbitrary code as Local System. This can occur only under specific conditions on Windows with unsafe filesystem permissions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Erlang/OTPllm-fuzzy
    Range: <23.2.3
  • Erlang Project/Erlang/OTPv5
    Range: < 23.2.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.