CVE-2021-28130

Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters.
References
Link Resource
https://habr.com/ru/company/pm/blog/579328/ Exploit Third Party Advisory
https://news.drweb.ru/show/?i=14180&lng=ru Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:drweb:security_space:12.5.2.4160:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-09-24 16:15

Updated : 2024-02-28 18:48


NVD link : CVE-2021-28130

Mitre link : CVE-2021-28130

CVE.ORG link : CVE-2021-28130


JSON object : View

Products Affected

microsoft

  • windows

drweb

  • security_space
CWE
CWE-427

Uncontrolled Search Path Element