CyberSec.Space Logo
Back to CVE Browser

CVE-2021-47883

HIGH
7.8
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile15.99th
PublishedJan 21, 2026
Last ModifiedApr 15, 2026

Vulnerability Description

Sandboxie Plus 0.7.2 contains an unquoted service path vulnerability in the SbieSvc service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during service startup.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://sandboxie-plus.com/
🔗 https://www.exploit-db.com/exploits/49631
🔗 https://www.vulncheck.com/advisories/sandboxie-plus-sbiesvc-unquoted-service-path

Related Vulnerabilities

CVE-2021-4231110.0

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVE-2021-2195110.0

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of...

CVE-2021-3919910.0

remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-htm...

CVE-2021-4231310.0

Microsoft Defender for IoT Remote Code Execution Vulnerability