CVE-2021-38085
CVE-2021-38085
Vexday Risk Score
18Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit simPatch —
Lifecycle
07 Aug 2021Metasploit module available
11 Aug 2021Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of privileges. This occurs because the driver drops a world-writable DLL into a CanonBJ %PROGRAMDATA% location that gets loaded by printisolationhost (a system process).
Affected products
n/a · n/a