CVE-2021-20793
Summary
| CVE | CVE-2021-20793 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-08-26 02:15:00 UTC |
| Updated | 2021-09-01 21:23:00 UTC |
| Description | Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. |
Risk And Classification
Problem Types: CWE-427
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sony | Audio Usb Driver | All | All | All | All |
| Application | Sony | Hap Music Transfer | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Sony USB Audio Driver for Windows | Sony UK | MISC | www.sony.co.uk | |
| JVN#80288258: The installers of multiple Sony products may insecurely load Dynamic Link Libraries | MISC | jvn.jp | |
| HAP Music Transfer 1.3.0 for HAP audio player system (Windows) | Sony UK | MISC | www.sony.co.uk | |
| Driver for Microsoft Windows | Sony UK | MISC | www.sony.co.uk | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.