CVE-2021-4481 PUBLISHED

Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

Assigner: VulnCheck
Reserved: 02.06.2026 Published: 02.06.2026 Updated: 02.06.2026

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges.

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H
CVSS Score: 8.3

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	None	Confidentiality	None
Attack Complexity	Low	Integrity	High	Integrity	High
Attack Requirements	None	Availability	High	Availability	High
Privileges Required	None
User Interaction	Active

CVSS 4.0

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H
CVSS Score: 8.2

Attack Vector	Local	Scope	Changed
Attack Complexity	Low	Confidentiality Impact	None
Privileges Required	None	Integrity Impact	High
User Interaction	Required	Availability Impact	High

CVSS 3.1

Product Status

Vendor	Dräger
Product	Protector Software
Versions	Default: unaffected affected from 0 to 6.4.2 (excl.)

CVE-2021-4481 PUBLISHED

Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

Metrics

Product Status

Credits

References

Problem Types