Potential cve-2021-41379 exploitation attempt

Intel Name: Potential cve-2021-41379 exploitation attempt

Date of Scan: January 3, 2025

Impact: Medium

Summary:
A potential CVE-2021-41379 Exploitation Attempt refers to the detection of attempts to exploit a local privilege escalation (LPE) vulnerability, CVE-2021-41379, known as InstallerFileTakeOver. In this vulnerability, an attacker triggers a cmd.exe process as a child of the Microsoft Edge elevation service, elevation_service, while inheriting LOCAL_SYSTEM rights. This allows the attacker to gain elevated privileges on the affected system, potentially enabling unauthorized actions with administrative-level access.

More Details