CVE-2021-20172

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which the software is going to be installed may overwrite certain files to obtain privilege escalation to root.
References
Link Resource
https://www.tenable.com/security/research/tra-2021-56 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:netgear:genie_installer:-:*:*:*:*:macos:*:*

Information

Published : 2021-12-30 10:15

Updated : 2022-07-12 05:42


NVD link : CVE-2021-20172

Mitre link : CVE-2021-20172

Products Affected
No products.
CWE