Intel Name: Potential cve-2021-41379 exploitation attempt
Date of Scan: January 3, 2025
Impact: Medium
Summary: A potential CVE-2021-41379 Exploitation Attempt refers to the detection of attempts to exploit a local privilege escalation (LPE) vulnerability, CVE-2021-41379, known as InstallerFileTakeOver. In this vulnerability, an attacker triggers a cmd.exe process as a child of the Microsoft Edge elevation service, elevation_service, while inheriting LOCAL_SYSTEM rights. This allows the attacker to gain elevated privileges on the affected system, potentially enabling unauthorized actions with administrative-level access.