CVE-2021-41562

low-risk
Published 2021-11-03

A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. This issue affects: Snow Snow Agent for Windows version 5.0.0 to 6.7.1 on Windows.

Do I need to act?

-
0.05% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.1/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Snow Inventory Agent

Affected Vendors

Snowsoftware

References (2)

Vendor Advisory https://community.snowsoftware.com/s/group/0F91r000000QUhPCAW/news-updates
Vendor Advisory https://community.snowsoftware.com/s/group/0F91r000000QUhPCAW/news-updates
25
/ 100
low-risk
Severity 20/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal