Vulnerability Description
Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sony | Audio Usb Driver | <= 1.10 |
| Sony | Hap Music Transfer | <= 1.3.0 |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN80288258/index.htmlThird Party Advisory
- https://www.sony.co.uk/electronics/support/software/00266642ProductVendor Advisory
- https://www.sony.co.uk/electronics/support/software/00266749ProductVendor Advisory
- https://www.sony.co.uk/electronics/support/software/00266758ProductVendor Advisory
- https://jvn.jp/en/jp/JVN80288258/index.htmlThird Party Advisory
- https://www.sony.co.uk/electronics/support/software/00266642ProductVendor Advisory
- https://www.sony.co.uk/electronics/support/software/00266749ProductVendor Advisory
- https://www.sony.co.uk/electronics/support/software/00266758ProductVendor Advisory
FAQ
What is CVE-2021-20793?
CVE-2021-20793 is a vulnerability with a CVSS score of 7.8 (HIGH). Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and exec...
How severe is CVE-2021-20793?
CVE-2021-20793 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-20793?
Check the references section above for vendor advisories and patch information. Affected products include: Sony Audio Usb Driver, Sony Hap Music Transfer.