Published: 08/12/2021 Updated: 13/12/2021

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 614

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

An issue exists in Plex Media Server up to and including 1.24.4.5081-e362dc1ee. An attacker (with a foothold in a endpoint via a low-privileged user account) can access the exposed RPC service of the update service component. This RPC functionality allows the malicious user to interact with the RPC functionality and execute code from a path of his choice (local, or remote via SMB) because of a TOCTOU race condition. This code execution is in the context of the Plex update service (which runs as SYSTEM).

Vulnerable Product	Search on Vulmon	Subscribe to Product
plex media_server

Plex media server local privilige escalation poc - CVE-2021-42835

Local Privilege PlEXcalasion - CVE-2021-42835 Plex Media Server for Windows prior to version 12505282, vulnerable to Time Of Check Time Of Use (TOCTOU) that allows low privilege users to gain SYSTEM privileges Discovered by Tomer Peled, Netanel Cohen, and Amir Shen a Security Researchers from BugSec Details Plex for windows uses PlexUpdateServiceexe to install new update

CWE-367 https://forums.plex.tv/t/security-regarding-cve-2021-42835/761510 https://bugsec.com/experts_teams/https://ir-on.io/2021/12/02/local-privilege-plexcalation/https://www.plex.tv/media-server-downloads/https://nvd.nist.gov https://github.com/netanelc305/PlEXcalaison

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-42835

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect