High severity7.8NVD Advisory· Published May 16, 2026· Updated May 18, 2026
CVE-2021-47974
CVE-2021-47974
Description
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute arbitrary code with LocalSystem privileges when services restart.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 13.5.28
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.