CVE-2021-30605

Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls.
References
Link Resource
https://crbug.com/1240952 Permissions Required
https://bit.ly/37CS6G9 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:google:chrome_os_readiness_tool:*:*:*:*:*:*:*:*
OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

Information

Published : 2021-09-08 14:15

Updated : 2021-09-15 08:58


NVD link : CVE-2021-30605

Mitre link : CVE-2021-30605


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

google

  • chrome_os_readiness_tool

microsoft

  • windows_7
  • windows_8.1
  • windows_10