CVE-2021-43978

HIGH

Allegro Windows 3.3.4152.0 - Info Disclosure

Title source: llm

Description

Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials.

References (3)

[Various Sources] https://cds.thalesgroup.com/en/tcs-cert/CVE-2021-43978

[Patch, Third Party Advisory] https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978

[Vendor Advisory] https://www.allegro.be/

Scores

CVSS v3 7.1

EPSS 0.0022

EPSS Percentile 44.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Classification

CWE

CWE-522

Status published

Affected Products (1)

allegro/allegro

Timeline

Published Dec 08, 2021

Tracked Since Feb 18, 2026