CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-47883

HIGH
7.8
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile15.99th
Published2026年1月21日
Last Modified2026年4月15日

Vulnerability Description

Sandboxie Plus 0.7.2 contains an unquoted service path vulnerability in the SbieSvc service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during service startup.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://sandboxie-plus.com/
🔗 https://www.exploit-db.com/exploits/49631
🔗 https://www.vulncheck.com/advisories/sandboxie-plus-sbiesvc-unquoted-service-path

関連する脆弱性情報

CVE-2021-2328110.0

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM soft...

CVE-2021-224410.0

Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provide...

CVE-2021-138810.0

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could a...

CVE-2021-224810.0

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that...