Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33436

April 28, 2022, 11:15 a.m. |

National Vulnerability Database nist.gov

NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM.

cve

Software Engineering Lead, Application Security

@ Hotjar | Remote

Mentor - Cyber Security Career Track (Part-time/Remote)

@ Springboard | Remote

Project Manager Data Privacy and IT Security (d/m/f)

@ Bettermile | Hybrid, Berlin

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

Network Architect

@ Earthjustice | Remote, US

DevOps Application Administrator

@ University of Michigan - ITS | Ann Arbor, MI

Threat Analyst (WebApp)

@ Patchstack | Remote, EU Only

NIST Compliance Specialist

@ Coffman Engineers, Inc. | Seattle, WA

Senior Cybersecurity Advisory Consultant (Argentina)

@ Culmen International LLC | Buenos Aires, Argentina

Information Security Administrator

@ Peterborough Victoria Northumberland and Clarington Catholic District School Board | Peterborough, Ontario

Senior SOC Analyst - REMOTE

@ XOR Security | Falls Church, Virginia

Cyber Intelligence Analyst

@ FWG Solutions, Inc. | Shaw AFB, SC