CVE-2021-42835

high

Description

An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a foothold in a endpoint via a low-privileged user account) can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC functionality and execute code from a path of his choice (local, or remote via SMB) because of a TOCTOU race condition. This code execution is in the context of the Plex update service (which runs as SYSTEM).

References

https://www.plex.tv/media-server-downloads/

https://ir-on.io/2021/12/02/local-privilege-plexcalation/

https://forums.plex.tv/t/security-regarding-cve-2021-42835/761510

https://bugsec.com/experts_teams/

Details

Source: Mitre, NVD

Published: 2021-12-08

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High