CVE-2021-42809
MEDIUMThales Sentinel Protection Installer - Code Injection
Title source: llmDescription
Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection Installer could allow the execution of arbitrary code.
References (1)
Core 1
Core References
Not Applicable x_refsource_misc
https://cpl.thalesgroup.com/fr/software-monetization/security-updates
Scores
CVSS v3
6.5
EPSS
0.0029
EPSS Percentile
20.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-913
Status
published
Products (1)
thalesgroup/sentinel_protection_installer
< 7.7.1
Published
Dec 20, 2021
Tracked Since
Feb 18, 2026